Hi,
we've got a new requirement which is to tunnel traffic on port UDP 4500, which is coming from an Aruba wifi controller MD on a remote site, to an Aruba controller MM which is at HQ.
Setup thus looks like:
MM - CP VSX VPN - internet - CP VPN GW - MD
VSX VPN = 80.30
GW = 77.20
The vpn community is setup that udp port 4500 (defined as IKE_NAT_TRAVERSAL) is actually excluded.
Basically meaning that UDP port 4500 traffic going from MD to MM will be dropped since private addresses are used.
Aruba is unable to change the port.
We've already tested a setup where we assigned a public IP to MM, and connected this way successfully. But I was wondering if there is another way to avoid this, and not expose the MM to the public internet? Someone hinted that if we define a new service udp_4500 and create rulebases specific to that service it could work. Has anyone faced a similar issue and found a solution?