Manualshelf

EWS Series User Manual

ManualsBrandsEdgecore Networks ManualsControllerWireless Lan Controller
101102103104105106107108109110
105
11.3 Site-to-site VPN
WLAN controller supports
Site-to-Site VPN
for more than 2 WLAN controllers to create VPN tunnel to each
other over the WAN network. It is based on open source site-to-site VPN protocol and it is backward
compatible with previous WLAN controllers’ site-to-site VPN feature. For example, if there are 2 WLAN
controllers, you can create a VPN tunnel to let a subnet of one WLAN controller to access the subnet of
another WLAN controller.
First, you need to add a Remote Site with at least one remote subnet. The IPSec settings in both sites
must be same.
Then create a Local Site with subnet for mapping to the remote site. Such as “192.168.11.0/24” of WLAN
controller_A >> “192.168.111.0/24” of WLAN controller_B, after the tunnel is created, the users within
these two subnets can reach each other.
Note: You can create more than one VPN tunnel, but the IP segment mapping cannot be overlap, because
one IP segment cannot have two routing rules.