AP-VPN Deployment
20.2 Configuring AP and Controller for AP-VPN Operations
SCALANCE W1750D UI
336 Configuration Manual, 02/2018, C79000-G8976-C451-02
V 53.43.43.32/27 [10/0] ipsec map
V 54.44.44.16/28 [10/0] ipsec map
C 9.9.9.0/24 is directly connected, VLAN9
C 10.15.148.0/24 is directly connected, VLAN1
C 43.43.43.0/24 is directly connected, VLAN132
C 42.42.42.0/24 is directly connected, VLAN123
C 44.44.44.0/24 is directly connected, VLAN125
C 182.82.82.12/32 is an ipsec map 10.15.149.69-182.82.82.12
C 182.82.82.14/32 is an ipsec map 10.17.87.126-182.82.82.14
The following VPN configuration steps on the controller enable the APs to terminate their
VPN connection on the controller:
Whitelist Database Configuration
The whitelist database is a list of the MAC addresses of the APs that are allowed to establish
VPN connections with the controller. This list can be stored either in the controller database
or on an external server.
You can use the following CLI command to configure the whitelist database entries if the
controller is acting as the whitelist database:
(scalance)# whitelist-db rap add mac-address 00:11:22:33:44:55 ap-group test
The ap-group parameter is not used for any configuration, but needs to be configured. The
parameter can be any valid string.
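The following Python example is added here and is not part of the manual. It turns an AP inventory into whitelist-db rap add commands in the form shown above, normalizing MAC notation and refusing malformed, duplicate and multicast/broadcast entries so that only reviewed addresses reach the whitelist. The function names, the sample inventory and the lowercase colon-separated output format are assumptions.

```python
import re

# Constructed sample inventory (not from the manual): the same kind of MAC
# list exported by different tools, with entries that must be filtered out.
SAMPLE_INVENTORY = """\
00:11:22:33:44:55
00-11-22-33-44-56
0011.2233.4457
00:11:22:33:44:55
01:00:5e:00:00:01
ff:ff:ff:ff:ff:ff
00:11:22:33:44
"""


def normalize_mac(raw):
    """Return the MAC as lowercase aa:bb:cc:dd:ee:ff, or None if malformed."""
    digits = re.sub(r"[:.\-]", "", raw.strip().lower())
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        return None
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def build_whitelist_commands(inventory, ap_group="test"):
    """Return (commands, rejected); ap_group is any string, as the manual says."""
    commands, rejected, seen = [], [], set()
    for entry in inventory.split():
        mac = normalize_mac(entry)
        if mac is None:
            rejected.append((entry, "malformed"))
        elif int(mac[:2], 16) & 1:
            # I/G bit set: multicast or broadcast, never a single AP's address.
            rejected.append((mac, "group address"))
        elif mac in seen:
            rejected.append((mac, "duplicate"))
        else:
            seen.add(mac)
            commands.append(
                f"whitelist-db rap add mac-address {mac} ap-group {ap_group}")
    return commands, rejected


if __name__ == "__main__":
    cmds, bad = build_whitelist_commands(SAMPLE_INVENTORY)
    print("\n".join(cmds))
    for entry, reason in bad:
        print(f"! skipped {entry}: {reason}")
```

Review the rejected list before pasting the generated commands into the controller CLI, since every accepted entry is a device that may establish a VPN connection.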
If an external server is used as the location for the whitelist database, add the MAC
addresses of the valid APs in the external database or external directory server and then
configure a RADIUS server to authenticate the APs using the entries in the external
database or external directory server.