12-19-2012 09:11 AM
Not sure if I'm missing it but I don't know my next step in setting up AirPlay for location-based restrictions.
I'm running 220.127.116.11-AirGroup successfully in an Integrated deployment with CPPM 18.104.22.168054.
I have AirPlay set to only work on two VLANs currently and it seems to work perfectly with the user device registration - where the client device is unable to see the server device (iPhone -> AppleTV) unless I register or share that device with them.
How do I begin to distinguish if a user is in the area? Does the controller need something setup to send? Do I start with the ClearPass Policy Manager (I see all the 'AirGroup Authorization Service' accepted logs there)? Or is that piece in the ClearPass Guest part?
I believe I used to see some information on the controller with show airgroup aps but that only returns Module MDNS Proxy is busy. Please try later for me now. Even though show process monitor statistics doesn't have any restarts for mdns anymore. I used to get that Proxy Busy error a lot - but now all the airgroup commands seem to work everytime other than the aps one.
Solved! Go to Solution.
12-19-2012 09:48 AM
You can use the airgroup_shared_location field to specify location restrictions for the AirGroup sharing.
This field has to have a certain format; see the field help for precise details. But you should be able to share a device with other users associated with a specific access point (by AP-Name), or with other users associated with a specific group of access points (by AP-Group), or with other users in a specific location (by FQLN).
I believe you will need to set up FQLNs for each AP if you want to use that, or create specific AP Groups if you want to use that method instead.
04-17-2015 06:39 AM
There are some important issues regarding AirGroup to take into consideration.
Depending on you deployment you may not run into any of these hard limitations. But in larger environments you may face that Apple have a hard coded limit of 64 AirGroup servers, like Apple TV’s, to be displayed on any Apple device.
If you have a big building with a lot of Apple TV's it may become inconvenient to use the AP-group as filter for Apple TV visibility. Also assuming a big deployment filtering on AP-group name is not convenient as it will generate a large number of AP groups.
Instead share the Apple TV to the AP it connects to. From Aruba OS 6.3.3 (?) not 100 % sure of version, AirGroup will create a list of all neighboring AP's.
This way a user may see the Apple TV if the device is connecting to any AP just one hop away from the AP configured.