VPN Local Pool Configuration
The VPN local pool is used to assign an IP address to the IAP after successful XAUTH VPN authentication.
(host) # ip local pool "rapngpool" <startip> <endip>
Role Assignment for the Authenticated IAPs
Define a role that includes a source NAT rule, which allows connections to the RADIUS server and lets the
Dynamic RADIUS Proxy in the IAP work. This role is assigned to IAPs after successful authentication.
(host) (config) #ip access-list session iaprole
(host) (config-sess-iaprole) #any host <radius-server-ip> any src-nat
(host) (config-sess-iaprole) #any any any permit
(host) (config-sess-iaprole) #!
(host) (config) #user-role iaprole
(host) (config-role) #session-acl iaprole
VPN Profile Configuration
The VPN profile configuration defines the server used to authenticate the IAP (an internal or an external
server) and the role assigned to the IAP after successful authentication.
(host) (config) #aaa authentication vpn default-iap
(host) (VPN Authentication Profile "default-iap") #server-group default
(host) (VPN Authentication Profile "default-iap") #default-role iaprole
The default-role parameter of the aaa authentication vpn command requires the Policy Enforcement Firewall for
VPN users (PEFV) license.
By default, the switch uses the default IAP role. If the administrator changes the IAP role name when the IAP's status
is UP, then the switch or the IAP must be rebooted.
For more information on VPN profile configuration, see the VPN Configuration chapter of the Alcatel-Lucent
Instant User Guide.
Viewing Branch Status
To view details of the branches connected to the switch, execute the show iap table command.
Sample Configuration
This example shows the details of the branches connected to the switch:
(host) #show iap table long
IAP Branch Table
----------------
Name            VC MAC Address     Status  Inner IP       Assigned Subnet   Assigned Vlan
----            --------------     ------  --------       ---------------   -------------
Tokyo-CB:D3:16  6c:f3:7f:cc:42:f8  DOWN    0.0.0.0
Paris-CB:D3:16  6c:f3:7f:cc:3d:04  UP      10.15.207.140  10.15.206.99/29   2
LA              6c:f3:7f:cc:42:25  UP      10.15.207.111  10.15.206.24/29   2
Munich          d8:c7:c8:cb:d3:16  DOWN    0.0.0.0
London-c0:e1    6c:f3:7f:cc:e1:b1  UP      10.15.207.120  10.15.206.64/29   2
Instant-CB:D3   6c:f3:7f:cc:42:1e  DOWN    0.0.0.0
Delhi           6c:f3:7f:cc:42:ca  DOWN    0.0.0.0
Singapore       6c:f3:7f:cc:42:cb  UP      10.15.207.122  10.15.206.120/29  2
Key Bid(Subnet Name)
--- ----------------
b3c65c...
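As an added example (not part of the guide), the following Python code parses the show iap table long output shown above and flags branches that are DOWN or whose inner IP lies outside the VPN local pool. The pool bounds passed to audit() are constructed values, and the parsing assumes that branch names contain no spaces and that the Inner IP column is the address assigned from the local pool.

```python
import ipaddress
import re

# Constructed sample: the rows from the sample output above, whitespace-separated.
SAMPLE = """\
Name VC MAC Address Status Inner IP Assigned Subnet Assigned Vlan
---- -------------- ------ -------- --------------- -------------
Tokyo-CB:D3:16 6c:f3:7f:cc:42:f8 DOWN 0.0.0.0
Paris-CB:D3:16 6c:f3:7f:cc:3d:04 UP 10.15.207.140 10.15.206.99/29 2
LA 6c:f3:7f:cc:42:25 UP 10.15.207.111 10.15.206.24/29 2
Munich d8:c7:c8:cb:d3:16 DOWN 0.0.0.0
London-c0:e1 6c:f3:7f:c0:e1:b1 UP 10.15.207.120 10.15.206.64/29 2
Instant-CB:D3 6c:f3:7f:cc:42:1e DOWN 0.0.0.0
Delhi 6c:f3:7f:cc:42:ca DOWN 0.0.0.0
Singapore 6c:f3:7f:cc:42:cb UP 10.15.207.122 10.15.206.120/29 2
Key Bid(Subnet Name)
--- ----------------
b3c65c...
"""

MAC = re.compile(r"^(?:[0-9a-f]{2}:){5}[0-9a-f]{2}$", re.I)

def parse_iap_table(text):
    """Return one dict per branch row; a row is recognised by a MAC in field 2."""
    branches = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 4 or not MAC.match(f[1]) or f[2] not in ("UP", "DOWN"):
            continue  # title, header, dashes, wrapped Key/Bid lines
        branches.append({
            "name": f[0], "vc_mac": f[1].lower(), "status": f[2],
            "inner_ip": ipaddress.ip_address(f[3]),
            # DOWN rows carry no subnet or VLAN columns
            "subnet": ipaddress.ip_interface(f[4]).network if len(f) > 4 else None,
            "vlan": int(f[5]) if len(f) > 5 else None,
        })
    return branches

def audit(branches, pool_start, pool_end):
    """Flag DOWN branches and UP branches whose inner IP is outside the local pool."""
    lo, hi = ipaddress.ip_address(pool_start), ipaddress.ip_address(pool_end)
    findings = []
    for b in branches:
        if b["status"] == "DOWN":
            findings.append((b["name"], "down"))
        elif not lo <= b["inner_ip"] <= hi:
            findings.append((b["name"], "inner-ip-outside-pool"))
    return findings
```

Pass the same start and end addresses configured with ip local pool as pool_start and pool_end.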
AOS-W 6.5.3.x | User Guide Instant AP VPN Support | 1044