Legal Disclaimer: The resource assets in this website may include abbreviated and/or legacy terminology for HPE Aruba Networking products. See www.arubanetworks.com for current and complete HPE Aruba Networking product lines and names.
Configuring Tunnel Node Server on AOS-S Switches
HPE Aruba Networking Central allows you to configure tunneled node on switches. The tunneled node connects to one or more client devices at the edge of the network and then establishes a secure Generic Routing Encapsulation (GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network.) tunnel to the controlling concentrator server. You can configure either Port-Based Tunnel or User-Based Tunnel using UI groups.
To modify the reserved VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN., change the mode to and click, then change the mode back to .
The configuration cannot be modified when tunneled clients are active.
To configure a tunneled node on the switch, complete the following steps:
- In the WebUI, select one of the following options:
- To select a switch group in the filter:
- Set the filter to a group containing at least one switch.
The dashboard context for the group is displayed.
- Under , click > .
- Click the AOS-S or icon to view the switch configuration dashboard.
- Set the filter to a group containing at least one switch.
- To select a switch in the filter:
- Set the filter to or a group containing at least one switch.
- Under , click > .
A list of switches is displayed in the view.
- Click a switch under .
The dashboard context for the switch is displayed.
- Under , click .
The tabs to configure the switch is displayed.
- To select a switch group in the filter:
- Click > . The Tunnel Node Server page is displayed.
- Configure the following parameters.
Name
Description
Value
The mode of tunneling from the drop-down:
- —Switch does not tunnel traffic.
- —Allows the switch to tunnel traffic to an Aruba controller on a per-port basis.
- —Allows the switch to tunnel traffic to an Aruba controller on an assigned user role basis.
, , or
The IP address of the primary gateway.
A valid IPv4 address
The IP address of the backup gateway. This field is optional.
A valid IPv4 address
The reserved VLAN ID to tunnel traffic to an HPE Aruba Networking controller. This field is available only for User-Based tunnel.
The default VLAN or a VLAN that is already configured cannot be used as a reserved VLAN. To view the list of configured VLANs, navigate to > .
Numeric value
- Click .
For more detailed information, refer to Dynamic Segmentation The Dynamic Segmentation feature is Aruba’s security architecture that provides the ability to dynamically assign roles to a wired port based on the access method of a client and enforce application-aware policies to all devices connecting to the infrastructure. white paper at https://www.arubanetworks.com/assets/so/SO_Dynamic-Segmentation.pdf
