Manualshelf

Concept Guide

ManualsBrandsDell ManualsAccess PlatformsW-Series 304/305 Access Points
381382383384385386387388389390
389 | IAP-VPN Deployment Scenarios Dell Networking W-Series Instant 6.4.3.1-4.2.0.0 | User Guide
Scenario 3—IPSec: Multiple Datacenter Deployment with Primary
and Backup Controllers for Redundancy
This scenario includes the following configuration elements:
l Multiple controller deployment model with controllers in different datacenters operating as primary/backup
VPN with fast-failover and pre-emption enabled.
l Split tunneling of traffic.
l Split tunneling of client DNS traffic.
l Two Distributed L3 mode DHCPs, one each for employee and contractors and one Local mode DHCP
server.
l RADIUS server within corporate network and authentication survivability enabled for branch survivability.
l Wired and wireless users in L3 and NAT modes respectively.
l Access rules for wired and wireless users with source NAT based rule for contractor roles to bypass global
routing profile.
l OSPF based route propagation on controller.
Topology
Figure 123 shows the topology and the IP addressing scheme used in this scenario.
Figure 123 Scenario 3—IPSec: Multiple Datacenter Deployment with Primary and Backup Controllers for
Redundancy
The IP addressing scheme used in this example is as follows:
l 10.0.0.0/8 is the corporate network.
l 10.30.0.0/16 subnet is reserved for L3 mode –used by Employee SSID.