Aruba Instant & Cloud Wi-Fi

Reply
New Contributor
Posts: 2
Registered: ‎04-29-2015

Aruba Instant Best Practices

Hi there. I am a long time Wireless Engineer but first time Aruba user. Just wondering what are the best practices for an Aruba Instant for a production environment, particularly when it comes to the more dynamic type of services.

For example:

Client Match on/off ?

Application Security on/off ?

Use ARM or have fixed Channels, Transmit power ?

Site is question is very small, 3 AP’s approx. 60 client devices.

Any advice greatly appreciated!

Thanks

Valued Contributor II
Posts: 804
Registered: ‎12-01-2014

Re: Aruba Instant Best Practices

Hi,

As a best practice, keep ARM and CM config as default and APP RF as per your requirement, if you want to enable application fitering and control then you work with AppRF other wise leave it.

 

Other important beast practices are,

1. Keep number of SSIDs as less as possible ( under 8)

2. Keep disable extended SSID

3. Try to avoid using internal DHCP if possible

4. Manage IAPs through Central if possible

5. Configure stringent policies and enable Enterprise level (Dot1x) security for internal employees and enable Guest access for Guests with walled garden.

 

Hope you got more clarity on this. please feel free for any further help on this.

Cheers,
Venu Puduchery,
[Is my post helped you ? Give Kudos :) ]
MVP
Posts: 952
Registered: ‎04-13-2009

Re: Aruba Instant Best Practices

To add a bit more meat to the recommendation of keeping the number of SSIDs to a minimum...

 

I'd recommend having a look at the following SSID overhead calculator that Andrew von Nagy created..

 

http://www.revolutionwifi.net/revolutionwifi/p/ssid-overhead-calculator.html

 

If you're using more than 3 I'd serousuly look at your wireless design...

 

Cheers

James

Cheers
James

-------------------------------------------------------
-------------------@whereisjrw-------------------
------------------------blog-------------------------
ACCX #540 | ACMX #353 | ACDX #216
-----------Mobility First Expert #11----------
-------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
MVP
Posts: 4,238
Registered: ‎07-20-2011

Re: Aruba Instant Best Practices

- If you are using an IAP with two ports make sure you connect your cable to e0

- Don't use VLAN1 for your wireless networks if you have another VLAN assigned for Mgmt

- I suggest enabling Drop broadcast / multicast (Broadcast Filtering) if you don't have any Applications that required Multicast 

- Disable lower data rates under each SSID if you are not supporting any devices that required these.

- If you are using different types of IAPs make sure that all those are running the same version Instant OS before joining the Cluster

- By default in ARM 80Mhz channels is enabled by default so make sure that the 802.11a DFS channels are enabled otherwise you will have only 2 channels to work with.

- By default in ARM the power is set to Max EIRP to Max and Min EIRP to Min you probably want to set these to 18/9 but this value will also depend on how your IAPs are distributed accross your environment.

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
New Contributor
Posts: 2
Registered: ‎04-29-2015

Re: Aruba Instant Best Practices

Thanks for your response Venu !

I have been told that using Client Match on a heavly loaded IAP service can lead to issue issues.

Is this your experience ?


dhanraj_puduchery@yahoo.com wrote:

Hi,

As a best practice, keep ARM and CM config as default and APP RF as per your requirement, if you want to enable application fitering and control then you work with AppRF other wise leave it.

 

Other important beast practices are,

1. Keep number of SSIDs as less as possible ( under 8)

2. Keep disable extended SSID

3. Try to avoid using internal DHCP if possible

4. Manage IAPs through Central if possible

5. Configure stringent policies and enable Enterprise level (Dot1x) security for internal employees and enable Guest access for Guests with walled garden.

 

Hope you got more clarity on this. please feel free for any further help on this.


 

 

Search Airheads
Showing results for 
Search instead for 
Did you mean: