Wireless Access

Reply
MVP
Posts: 331
Registered: ‎04-25-2013

AM in Trunk Port

Dear all,

i have found in the Aurba VRD that we have to put AMs AP in trunk port in order that it have a wireless to wired containment.

can any one explain it to me please .

Regards

Raouf CHAHBOUNE
ICT Network & Security Engineer
CCNP R/S | CCNA Security | ACMP|ACDX



[If my post is helpful please give kudos, or mark as solved if it answers your post.]
Guru Elite
Posts: 20,993
Registered: ‎03-29-2007

Re: AM in Trunk Port

An AM on a trunk port will be able to see the wired ARP traffic to determine if a rogue AP is plugged into one of the trunked VLANs.  An AM on a trunk port can only contain the AP wired on the Native VLAN on that port.  You still have the option to contain wirelessly which works very well.  Other access points that share the same wired VLAN as that rogue AP can also contain it wired.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Guru Elite
Posts: 8,456
Registered: ‎09-08-2010

Re: AM in Trunk Port

You can also just spread your APs out across all of your wired user subnets.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
MVP
Posts: 331
Registered: ‎04-25-2013

Re: AM in Trunk Port

so for a full wireless to wired containment, i have to get

at least one AP in AM mode.

one AP by Access VLAN

otherwise  i can use wired 802.1X authentication to prevent rogue AP to connect to the network.

Raouf CHAHBOUNE
ICT Network & Security Engineer
CCNP R/S | CCNA Security | ACMP|ACDX



[If my post is helpful please give kudos, or mark as solved if it answers your post.]
Guru Elite
Posts: 20,993
Registered: ‎03-29-2007

Re: AM in Trunk Port

An AM can contain wired if it is on the same layer 2 subnet as the rogue
An access point can contain wired if it is on the same layer 2 subnet as the rogue
An AM or AP can contain an AP wirelessly from either subnet.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: