Controller-less WLANs

How to restrict Instant AP management access only to certain subnets?

Aruba Employee

Introduction :

 

WLAN administrators, have always been asking for a way to restrict employees and guest users from accessing Instant management. With this feature of "Management Subnets", administrator can make sure that Instant CLI, SSH and UI are accessed only from management subnets.

Instant allows you to configure management subnets and restrict access to the corporate network in order to prevent unauthorized users from accessing the corporate network

 

Feature Notes :

 

Clients initiating connection from subnets other than the one mentioned in "Managed Subnets" is denied to manage IAP

 

Environment : This article applies to Aruba Access Points running InstantOS version 6.3.1.1-4.0 and above.

 

Configuration Steps :

 

Following screenshots from IAP web interface shows how to configure management subnets:

1. Login to IAP web interface and from the main menu, click Security:
 


User-added image


2. Click on 'Firewall Settings" tab and add the management subnets along with subnet mask:



User-added image

Following figure shows the configuration from CLI:
 


User-added image

Version history
Revision #:
1 of 1
Last update:
‎07-05-2014 06:14 PM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.