IPsec Tunnel Failures

The following behaviors can cause an IPsec tunnel creation failure:

• Time

  The time in the switch has to be valid and correct. Time issues have been observed on this switch. Ensure that NTP configuration is set up on switch and on the controller where the tunnel is terminating.

• Authentication

  The switch MAC addresses for both members must be added to the Aruba controller whitelist.

• Controller IP

  The controller IP must be reachable from the switch.

• Inner IP pool

  Ensure the inner IP pool is configured on the controller. Tunnel establishment is not successful, if the pool is full.

• Static Route

  There must not be any conflicting static route in the system for the AirWave IP configured.

• License

  The controller must have sufficient license to support IPsec tunnels.