Wireless Access

last person joined: 20 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

AM in Trunk Port

This thread has been viewed 0 times

  • 1.  AM in Trunk Port

    Posted May 26, 2015 10:08 AM

    Dear all,

    i have found in the Aurba VRD that we have to put AMs AP in trunk port in order that it have a wireless to wired containment.

    can any one explain it to me please .

    Regards



  • 2.  RE: AM in Trunk Port
    Best Answer

    EMPLOYEE
    Posted May 26, 2015 10:12 AM

    An AM on a trunk port will be able to see the wired ARP traffic to determine if a rogue AP is plugged into one of the trunked VLANs.  An AM on a trunk port can only contain the AP wired on the Native VLAN on that port.  You still have the option to contain wirelessly which works very well.  Other access points that share the same wired VLAN as that rogue AP can also contain it wired.

     



  • 3.  RE: AM in Trunk Port

    EMPLOYEE
    Posted May 26, 2015 10:13 AM

    You can also just spread your APs out across all of your wired user subnets.



  • 4.  RE: AM in Trunk Port

    Posted May 26, 2015 10:20 AM

    so for a full wireless to wired containment, i have to get

    at least one AP in AM mode.

    one AP by Access VLAN

    otherwise  i can use wired 802.1X authentication to prevent rogue AP to connect to the network.



  • 5.  RE: AM in Trunk Port

    EMPLOYEE
    Posted May 26, 2015 10:24 AM
    An AM can contain wired if it is on the same layer 2 subnet as the rogue
    An access point can contain wired if it is on the same layer 2 subnet as the rogue
    An AM or AP can contain an AP wirelessly from either subnet.