Dell 6.2 Server User Manual


 
Figure 173: Sample Split Tunnel Environment
Figure 173 shows corporate traffic being GRE tunneled to the controller through a trusted tunnel, while local traffic is
source NATed and bridged on the wired interface based on the configured user role and session ACL.
Configuring Split Tunneling
The procedure to configure split tunneling requires the following steps. Each step is described in detail later in this
chapter.
NOTE: The split tunneling feature requires the PEFNG license. If you do not have the PEFNG license on your controller, you must
install it before you configure split tunneling. For details on installing licenses, see "Software Licenses" on page 100.
1. Define a session ACL that forwards only corporate traffic to the controller.
a. Configure a netdestination for the corporate subnets.
b. Create rules to permit DHCP and corporate traffic to the corporate controller.
c. Apply the session ACL to a user role. For information about user roles and policies, see "Roles and Policies" on
page 296.
2. (Optional) Configure an ACL that restricts remote AP users from accessing the remote AP local debugging
homepage.
3. Configure the remote AP’s AAA profile.
a. Specify the authentication method (802.1x or PSK) and the default user role for authenticated users. The user
role specified in the AAA profile must contain the session ACL defined in the previous step.
b. (Optional) Use the remote AP’s AAA profile to enable RADIUS accounting.
4. Configure the virtual AP profile:
a. Specify the AP group or AP to which the virtual AP profile applies.
b. Set the VLAN used for split tunneling. Only one VLAN can be configured for split tunneling; VLAN pooling is
not allowed.
c. When specifying the use of a split tunnel configuration, use “split-tunnel” forward mode.
d. Create and apply the applicable SSID profile.
NOTE: When creating a new virtual AP profile in the WebUI, you can also configure the SSID at the same time. For information
about AP profiles, see "Understanding AP Configuration Profiles" on page 396.
5. (Optional) Create a list of network names resolved by corporate DNS servers.
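The forwarding decision that the session ACL from step 1 produces, modelled in Python as an added example (not taken from the Dell manual and not ArubaOS syntax). The subnets, host inventory, rule names and first-match evaluation are assumptions made for illustration; the check reports corporate hosts that would bypass the tunnel because the netdestination does not cover them.

```python
import ipaddress

# Constructed sample: subnets listed in the corporate netdestination (step 1a).
NETDESTINATION = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12")]
DHCP_PORTS = {67, 68}

def is_corporate(dst):
    """True when dst falls inside a subnet named by the netdestination."""
    addr = ipaddress.ip_address(dst)
    return any(addr in net for net in NETDESTINATION)

# Ordered rules, first match wins (assumed model of the session ACL, step 1b).
# "tunnel" = forwarded to the controller; "src-nat-local" = source NATed and
# bridged on the wired interface, as in Figure 173.
SESSION_ACL = [
    ("permit-dhcp", lambda f: f["proto"] == "udp" and f["dport"] in DHCP_PORTS, "tunnel"),
    ("permit-corp", lambda f: is_corporate(f["dst"]), "tunnel"),
    ("everything-else", lambda f: True, "src-nat-local"),
]

def classify(flow):
    """Return (rule name, action) for a flow dict with proto, dst and dport."""
    for name, matches, action in SESSION_ACL:
        if matches(flow):
            return name, action

def untunneled(corporate_hosts, proto="tcp", dport=443):
    """Corporate hosts whose traffic would leave locally instead of via the controller."""
    return [h for h in corporate_hosts
            if classify({"proto": proto, "dst": h, "dport": dport})[1] != "tunnel"]

if __name__ == "__main__":
    # Constructed inventory; 192.168.50.10 is a corporate server whose subnet
    # was left out of NETDESTINATION above.
    inventory = ["10.1.2.3", "172.16.5.9", "192.168.50.10"]
    for host in untunneled(inventory):
        print("not tunneled, check netdestination:", host)
```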
Dell PowerConnect W-Series ArubaOS 6.2 | User Guide Remote Access Points | 536