IPsec Tunnel Failures

The following behaviors can cause an IPsec tunnel creation failure:

  • Time

    The time in the switch has to be valid and correct. Time issues have been observed on this switch. Ensure that NTP configuration is set up on switch and on the controller where the tunnel is terminating.

  • Authentication

    The switch MAC addresses for both members must be added to the Aruba controller whitelist.

  • Controller IP

    The controller IP must be reachable from the switch.

  • Inner IP pool

    Ensure the inner IP pool is configured on the controller. Tunnel establishment is not successful, if the pool is full.

  • Static Route

    There must not be any conflicting static route in the system for the AirWave IP configured.

  • License

    The controller must have sufficient license to support IPsec tunnels.