AP-VPN Deployment
20.2 Configuring AP and Controller for AP-VPN Operations
SCALANCE W1750D UI
334 Configuration Manual, 02/2018, C79000-G8976-C451-02
Configuring a Controller for AP-VPN Operations
Controllers provide an ability to terminate the IPsec and GRE VPN tunnels from the AP and
provide corporate connectivity to the branch network.
For AP-VPN operations, ensure that the following configuration and verification procedures
are completed on the controller:
● OSPF Configuration
● VPN Configuration
● Branch-ID Allocation
● Branch Status Verification
Note
This section describes the configuration procedures for the controller to realize generic use
cases. For information on specific deployment scenarios, see
AP-VPN Deployment
(Page 529).
Open Shortest Path First (OSPF) is a dynamic Interior Gateway routing Protocol (IGP) based
on IETF RFC 2328. The premise of OSPF is that the shortest or fastest routing path is used.
The implementation of OSPFv2 allows controllers to deploy effectively in a Layer 3 topology.
The controllers can act as the default gateway for all clients and forward user packets to the
upstream router.
Each AP-VPN can be defined a separate subnet derived from the corporate intranet pool to
allow AP-VPN devices to work independently
To redistribute AP-VPN routes into the OSPF process:
(scalance)(config) # router ospf redistribute rapng-vpn
To verify if the redistribution of the AP-VPN is enabled:
(scalance) #show ip ospf redistribute
To configure aggregate route for AP-VPN routes:
(scalance) (config) # router ospf aggregate-route rapng-vpn
To view the aggregated routes for AP-VPN routes:
(scalance) #show ip ospf rapng-vpn aggregate-routes RAPNG VPN aggregate routes
--------------------------
Prefix Mask Contributing routes Cost
------ ---- ------------------- ---- 201.201.200.0 255.255.252.0 5 268779624
100.100.2.0 255.255.255.0 1 10
To verify the details of a configured aggregated route:
(scalance) # show ip ospf rapng-vpn aggregated-routes <net> <mask>
To Next Page
Loading...
Need help?
General
