Training and Certification

0 Kudos

IAP GUEST Design

Status: New
by dualie ‎05-01-2014 02:47 PM

Question regarding Guest design for IAPs.

In a controller environment, a hardened Ethernet port gets directed to a firewall port, or DMZ for guest traffic. Thus, physically separating the guest traffic from the corporate LAN.  But with IAP’s/ virtual controllers I don’t have that option.

 

How do I prevent guest traffic from hitting the LAN, other than using Firewall rules to prevent that specific destination? What’s the best approach?

 

Thanks Stefan

Comments
seadr

Stefan,

Check out this link and see if it helps:

https://socifi-doc.atlassian.net/wiki/display/SC/Aruba+%28IAP+virtual+controller+mode%29+configuration

 

On the Step 2, Client VLAN assignment, I would chose Custom and use/create a Guest VLAN.

 

Again, I am not sure if this answers your question or not; as I don't know how is your network setup.

 

S.R.