Is the firewall configuration pushed from master to local controller?

Aruba Employee
Q:

Is the firewall configuration pushed from master to local controller?



A:

We have in-built firewall functionality in Aruba controller which is used to configure parameters on a global level on the controller.

 

For example:

(Aruba7210) (config) #show firewall

Global firewall policies
------------------------
Policy                                       Action                                            Rate       Port
------                                       ------                                            ----       ----
Enforce TCP handshake before allowing data   Disabled
Prohibit RST replay attack                   Disabled
Deny all IP fragments                        Disabled
Prohibit IP Spoofing                         Disabled
Monitor ping attack                          Disabled
Monitor TCP SYN attack                       Disabled

..
 

We can make changes to it in configuration mode:

(Aruba7210) (config) #no firewall prohibit-ip-spoofing

OR

(Aruba7210) (config) #firewall prohibit-arp-spoofing

 

However, these changes are not pushed from master controller to local controllers. They need to be configured individually on each controller.

Version history
Revision #:
2 of 2
Last update:
‎06-10-2015 04:52 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: