Users Guide
Dell PowerConnect W-Series Instant Access Point 6.2.0.0-3.2.0.0 | User Guide 285 | IAP-VPN
Appendix C
IAP-VPN
The IAP-VPN functionality on the controller release provides the ability to terminate VPN and
GRE tunnels from the W-Instant AP and provides corporate connectivity to the branch W-
Instant AP network.
VPN features are ideal for:
l enterprises with many branches that do not have a dedicated VPN connection to the HQ.
l branch offices that require multiple APs.
l individuals working from home, connecting to the VPN.
This new architecture and form factor seamlessly adds the survivability feature of W-Instant APs
with the VPN connectivity of RAPs — providing corporate connectivity to branches.
All Dellcontrollers that are supported on the DellOS 6.2.0 release will work on IAP-VPN 6.1.3.1.
Licensing Requirements
The following table lists the licensing requirements for IAP-VPN functionality:
Table 49- Licensing Requirements for IAP-VPN
License Name Supported Functionality Limitations
Base OS (Without license)
IPSec tunnel works with
both internal and external
DBs.
l IPSec tunnel does not
work with internal DB
for version 6.1.3.1. A
minimum of one AP
license is required to
add a W-IAP MAC
address in localDB.
l No support for DRP.
l Roles cannot be edited.
Only PEF-V license
You can edit the default-
role inside aaa auth VPN
default-iap. A new user
role can be created with
src-nat rule and applied to
default-iap VPN profile.
—
Only NG-PEF license
You can edit the user-role
logon.
default-role in default-iap
VPN profile cannot be
edited. However, the W-
IAP is assigned with a
default-vpn-role, which can
be edited to include the
src-NAT rule.