Configuration Steps
CLI Commands
UI Procedure
(Instant AP)(SSID Profile "wireless-ssid")# auth-
survivability
7. Create access rule for
wired and wireless
authentication.
For wired profile:
(Instant AP)(config)# wlan access-rule wired-port
(Instant AP)(Access Rule "wired-port")# rule any
any match any any any permit
For WLAN SSID employee roles:
(Instant AP)(config)# wlan access-rule wireless-
ssid
(Instant AP)(Access Rule "wireless-ssid")# rule any
any match any any any permit
See
Configuring
ACL Rules for
Network
Services
NOTE:
Ensure that you execute the
commit apply
command in the Instant CLI before saving the configuration and
propagating changes across the IAP cluster.
Table 87:
IAP Configuration for Scenario—GRE: Single Datacenter Deployment with No Redundancy
IAP-Connected Switch Configuration
Client VLANs defined in this example must be opened on the upstream switches in multiple IAP deployments,
as client traffic from the slave to the master is tagged with the client VLAN.
Datacenter Configuration
For information on controller configuration, see
Configuring a Controller for IAP-VPN Operations on page 247
The following GRE configuration is required on the controller:
(host)(config)# interface tunnel <Number>
(host)(config-tunnel)# description <Description>
(host)(config-tunnel)# tunnel mode gre <ID>
(host)(config-tunnel)# tunnel source <controller-IP>
(host)(config-tunnel)# tunnel destination <AP-IP>
(host)(config-tunnel)# trusted
(host)(config-tunnel)# tunnel vlan <allowed-VLAN>
Glossary
The following table lists the terms and their definitions used in this document.
Aruba Instant 6.5.0.0-4.3.0.0 | User Guide
IAP-VPN Deployment Scenarios |
413