Concept Guide

ManualsBrandsDell ManualsAccess PlatformsW-Series 228 Access Points

611

612

613

614

615

616

617

618

619

620

617| masterip Dell Networking W-Series ArubaOS 6.5.x| Reference Guide

Parameter

Description

fqdn <fqdn>

Identify a dynamically addressed local controller by entering the Fully

Qualified Domain Name (FQDN) of the controller.

suite-b

If you configure your master and local controllers to use IKEv2 and

custom-installed certificates, you can optionally use Suite-B

cryptographic algorithms for IPsec encryption. Specify one of the

following options:

l gcm-128 Use 128-bit AES-GCM Suite-B encryption

l gcm-256 Use 256-bit AES-GCM Suite-B encryption

ipsec-factory-cert

Use the factory-installed certificate on the master controller to

establish a master-local IPsec tunnel using IKEv2.

master-mac1 <mac1>

The MAC address of the certificate on the Master.

master-mac2 <mac2>

(Optional) the MAC address of the certificate on the backup master

controller.

interface

Specify the uplink or VLAN interface on the master controller to

initiate IKE.

uplink

Use the master controller’s current active uplink to initiate IKE.

vlan <id>

Specify a VLAN interface on the master controller to initiate IKE. If you

do not specify a VLAN, the controller IP will be used.

fqdn <fqdn>

Identify a dynamically addressed local controller by entering the Fully

Qualified Domain Name (FQDN) of the controller.

Usage Guidelines

Use this command on a local controller to configure the IP address and preshared key or certificate for secure

communication with the master controller. On the master controller, use the localip command to configure

the IP address and preshared key or certificate for a local controller.

Changing the IP address of the master on a local controller requires a reboot of the local controller

If your master and local controllers use a pre-shared key for authentication, they will create the IPsec tunnel

using IKEv1. If your master and local controllers use certificates for authentication, the IPsec tunnel will be

created using IKEv2.

Example

The following command configures the master controller with a pre-shared key:

(host) [mynode] (config) #masterip 10.1.1.250 ipsec gw1234567