Security

Reply
Valued Contributor I

HP 2930F switch/Airgroups and a Mobility Controller

Hi,

So, I've got a 2930 F switch plumbed into our network and talking RADIUS 802.1x auth to our Clearpass server. Swith uplink connectes to one of our 5510 .However ......

 

What I was interested in was enabling Airgroup connectivity for wired devivces on the switch so that they are part of the airgroup domain defined on our mobility controller.

 

I *thought* that there was a presentation at the last Atmosphere that showed a switch tunneling to a mobility controller and allowing controoler policies and acls to be applied to devices on the switch. Looking at the application where a study bedroom would have airgroup access on the WiFi network ( WPA2-Enterprise and WPA2-PSK) and on the wired ( 2930F switches) and use clearpass guest t ocontrol it all ..... 

 

If the above is correct,m can anyone point me at the appropraite documentation?

Rgdd

Alex

 

Guru Elite

Re: HP 2930F switch/Airgroups and a Mobility Controller

Wired AirGroup servers can be discovered on the wire using the AP multicast aggregation features in ArubaOS.

There is no official/supported method for wired clients (Aruba switches or not) to discover servers advertised by the controller.

Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Valued Contributor I

Re: HP 2930F switch/Airgroups and a Mobility Controller

Hmmm I had a 5130 switch configured to have a tagged vlan into a router. mobility controller also had an interface on same vlan. Ran Chromecast and apple TV devices authenticated onto the wired vlan  and were visible to the controller. Could use android and ios devices to stream music and video from wpa2-enterprise snd wpa2-psk devices to the wired ones 

Thought there was a switch config option to treat the switch as a "RAP" in order to connect it to the controller. roles and policies could then be applied to switch users with traffic going via mobility controller. 

 

 

Guru Elite

Re: HP 2930F switch/Airgroups and a Mobility Controller

Yes, there are definitely ways to get it to work, but most are not officially supported.

Are you referring to tunneled-node? That will forward all traffic though, not just SSDP and mDNS advertisements. Take a look at the ClearPass Solution Guide for Wired Policy Enforcement.

Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Valued Contributor I

Re: HP 2930F switch/Airgroups and a Mobility Controller

That sounds promising. thx

A

Valued Contributor I

Re: HP 2930F switch/Airgroups and a Mobility Controller

Now that's a good document.

Got a pair of 2930F's and 2930M's configured as two stacks plumbed into our clearpass server .... just need to get them talking to our mobility controller

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: