The following image illustrates a sample topology for a redundant Tunnel Concentrator deployment where ExtremeCloud IQ (Classic) is the management application. This deployment includes redundant tunnels with each tunnel leading to a Tunnel Concentrator service that includes an HA pair of instances.
| Universal Compute Platform | ExtremeCloud IQ | ||||||
|---|---|---|---|---|---|---|---|
| Hostname | IP Address | Tunnel Conc. Instance | Tunnel Conc Service | Tunnel IP Address (VRRP) | IP Address ( tunnel termination) | Role in HA Pair (per instance) | Tunneling Role in User Profile (per service) |
| UCP_01 | 10.10.10.1 | TC_01 | TC_Svc_01 | 10.10.10.40 | 10.10.10.4 | Primary | Primary |
| UCP_02 | 10.10.10.60 | TC_02 | 10.10.10.62 | Backup | |||
| UCP_03 | 10.10.10.181 | TC_03 | TC_Svc_02 | 10.10.10.212 | 10.10.10.182 | Primary | Secondary |
| UCP_04 | 10.10.10.201 | TC_04 | 10.10.10.202 | Backup | |||
This example uses an alternative configuration flow that differs from the configuration that is presented in the ExtremeCloud IQ (Classic) Configuration chapter. Because the configuration example does not use Layer 2 roaming or a tunnel policy, you can complete the configuration from the network policy by drilling down into multiple configuration layers, assigning settings, and then reversing out, while saving the configuration in the reverse order from which it was applied.
The following image illustrates the configuration flow for this example.
You require four new Tunnel Concentrator installations that are installed on different appliances, but which are not onboarded to ExtremeCloud IQ. For this example, assume that the four Serial Numbers are: TC_01, TC_02, TC_03, and TC_04.
You require existing Network Policy and SSID configurations in place on ExtremeCloud IQ so that you can add Tunnel Concentrator settings to these configuration elements. This example uses Sample_Network and Sample_SSID as the existing configurations.
The example assumes that you want to configure a new user profile and a new Tunnel Concentrator service. However, you have the option to edit existing configurations.
The example assumes that you are not using a tunnel policy and are not configuring Layer 2 roaming.
Tunnel Concentrator onboarding to ExtremeCloud IQ
Network Policy configuration and deployment
Tunnel Concentrator Onboarding to ExtremeCloud IQ
On ExtremeCloud IQ (Classic), go to .
Select 
(Add) and then .
In the Serial Number field, enter each Tunnel Concentrator serial number, separated by a comma.
From the Policy drop-down, select the network policy.
Select Add Devices.
Each device gets onboarded to ExtremeCloud IQ, and gets assigned to your network policy.
Network Policy Configuration and Deployment
The remaining configuration can be completed from the Network Policy configuration.
Go to and select your network policy. For example, Sample_Network.
Select 2 Wireless.
Select the SSID to which you want to apply Tunnel Concentrator settings. For example, Sample_SSID.
Under User Access Settings, and for the Default User Profile, select the adjacent to create a new default user profile to hold the Tunnel Concentrator settings.
Note
In this example, you are creating a new user profile. However, you can also select and edit an existing profile.
To assign your user profile as non-default profile, select Apply a different user profile to various clients and groups, then select or create the user profile. Next, configure assignment rules to determine when the non-default profile gets applied instead of the default profile
For the newly created user profile, configure the following settings.
Enter a Name for the new profile. For example, Sample_User_Profile.
For Connect to, select VLAN and assign a VLAN ID. For example, 1530.
Select the Traffic Tunneling tab and toggle Traffic Tunneling (GRE) to ON.
Note
If you have an existing tunnel policy that points to a Tunnel Concentrator service, you can reuse that policy's Tunnel Concentrator settings in the user profile. Select Re-use Tunnel Policy
and select the policy. The Tunnel Concentrator service from the policy gets assigned as Tunnel Destination in the user profile.Select Tunnel Concentrator and then configure the tunnel destination with primary and secondary tunnels.
For Primary, select the adjacent to
create a new Tunnel Concentrator service to act as
primary tunnel destination for this profile.
In the New Tunnel Concentrator Service window, assign the following settings:
Name=TC_Svc_01
Redundant Tunnel Concentrator
Tunnel IP Address/CIDR=10.10.10.40/24
VRRP Router ID=1
Native VLAN ID=1530
Device Tunnel Concentrator=TC_01
Tunnel Port=Port 1
VLAN ID= 15
IP Address=10.10.10.4
Bridge Port=Port 3
Device Tunnel Concentrator=TC_02
Tunnel Port=Port 1
VLAN ID=15
IP Address=10.10.10.62
Bridge Port=Port 3
Leave the keepalive settings at their default values.
Select Save to save the new Tunnel Concentrator service.
The new Tunnel Concentrator service displays as Primary tunnel destination within the User Profile configuration.
For Secondary, select the adjacent and
create the secondary Tunnel Concentrator service using
the TC_03 and TC_04 instances and the addressing from
Redundant Tunnel Concentrator Configuration
Example for ExtremeCloud IQ.
Once the Primary and Secondary tunnel destinations are assigned, select Save User Profile.
The new user profile with the Tunnel Concentrator settings displays as Default User Profile within the SSID configuration. The VLAN from the user profile is default VLAN for the SSID.
Select Save to save the SSID configuration.
Deploy the network policy to affected APs and Tunnel Concentrators using a delta push.