Controller-less WLANs

How do I stop clients of different VLAN connecting to same Instant AP from talking to each other?

Aruba Employee

Question:  How do I stop clients of different VLAN connecting to same Instant AP from talking to each other?

 

Introduction:

Instant AP as an individual AP or as a part of Instant cluster works in Layer-2 and acts as an extension  

of wired L2 switch.  So you would have to have an L3 switch or a router upstream from the VC clusters where the client default gateway resides and routes the traffic.

 

But, to ease the inter vlan communication, Instant AP comes with "Deny Local Routing" (by default disabled) feature that allows you to route traffic between clients which are connected to the same IAP or are on the same Instant network.  

 

Environment: This article applies to Aruba Instant Access Points running InstantOS version 6.1.3.4-3.1.0.0 or later.

 

Configuration Steps:  
The "Deny local routing" option is disabled by default. When deny is disabled, it means it allows two wireless clients connected to the same IAP, by routing the traffic locally on IAP.

If "deny local routing"  feature is enabled , it means deny is enbaled and the traffic has to reach external router or firewall for routing.

To enable "deny local routing" in Instant AP, follow these steps:

    1.Log into Instant AP web interface
    2.Click on "System" from the top menu.
    3.On the System pop-up window, click on "Show advance options"
    4.From the list of the features, locate "Deny local routing" and select Enabled from the dropdown.
    5.Click OK.


Following figure shows the "Deny local routing" feature in the "system" pop-up menu.

 

 rtaImage.jpg

 

 

Version history
Revision #:
2 of 2
Last update:
‎07-04-2014 09:41 PM
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.