Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Instant AP Guest VLAN on trunk

This thread has been viewed 1 times

  • 1.  Instant AP Guest VLAN on trunk

    Posted Dec 02, 2011 11:09 AM

    Okay i got  serveral instant APs on the campus, i got 2 internal Wireless network they both are TRUNK to the core so the CORE its routing everything


    Now i want to put a guest network also

    But it seems that when i create a new SSID and also put GUEST for the guest network, and i click on client ip assignment on vlan id for example i put vlan 200 its like on gray like if its not working.. and well its not working... if i do the same for employee it does works perfectly and the vlan id is not gray.

     

    I know i need also a ip address on that guest VLAN so the captive portal can work... at least  thats how ineed to do it when i got a normal controller. 

    I see no way to put this ip on the IAP...


    The deployment got this vlans

    The IAP Vlan  which is  the network that got all the IPS of all the Instant APS

    2 Internal Networks which got their interface vlans on my CORE SWITCH  and i use a trunk from the IAP to the CORE and well the CORE is routing those networks.

     

    i want to add one Guest Network which it seems i cannot trunk it... if i try to ping the default gateway of that vlan which is on the core swtich i cannot ping it  i cannot ping anywhere... to test my trunks and configuration on my swtiches and core swtich i changed the guest network for an employee network and it works good when i change it back to guest it doesnt work again...

     

    I would like that all the networks being routed on my SWitch core...

     

    Also another question

    For the users you create for the guest network its not available the user time expiration? like with the WC?

     

     



  • 2.  RE: Instant AP Guest VLAN on trunk

    Posted Dec 02, 2011 01:03 PM

    As I understand it today the current release Guest functionlality is designed to use the controller assigned IP addressing and the client traffic will be NAT'ed to the virtual controller address. I will do some digging around and if I find out anything different, I will post my findings later today.



  • 3.  RE: Instant AP Guest VLAN on trunk

    Posted Dec 02, 2011 01:32 PM

    yes thats what i saw on the User guide but i still wanted to know if it was possible to do what i wanted...

     

    Cheers

    Carlos



  • 4.  RE: Instant AP Guest VLAN on trunk

    Posted Dec 02, 2011 02:52 PM

    Hi Carlos,

     

    You can try it on version 6.1.2.3.X

     

     

    There are no way to configure a expiration time for internal guest users..

     

    Thanks,

     

    Ed



  • 5.  RE: Instant AP Guest VLAN on trunk

    Posted Dec 02, 2011 03:04 PM

    I already tried with that version

    You can select it as you put inthe screenshot but okay try do next next next and finish it

    Then try to edit it and you will see the vlan id will turn to gray... you can select it and put another vlan if you want but is not like an employee vlan in which if you go to edit it, it wont be gray it will be normal..

     

    Even if i try it like that it doesnt work...