Wireless Access

last person joined: 12 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Aruba 205H - Bridged Wired Ports VLAN

This thread has been viewed 1 times

  • 1.  Aruba 205H - Bridged Wired Ports VLAN

    Posted Nov 19, 2015 01:23 PM

    We'll be deploying 205Hs into one of our Residence Halls next month, and a concern came up during the preparation. Currently the students have to go through a Device-Registration VLAN in their dorm rooms - they register their device and are granted access to the network. We will have the student room ports trunked to the 205Hs [Native VLAN - AP VLAN, with Dev-Registration Allowed] where the three-wired ports are then bridged/tagged to the Device-Registration VLAN system. The concern that came up during the preparation process was that I believe we will need *20 AP Groups* at minimum just for this one Residence Hall due to needing a separate Wired-Port-Profile with each switch's Device Registration VLAN-which is composed of 10 Houses with 2 Switches Per House - (Each Switch has a specific Dev-Reg VLAN - 20 Device-Registration VLANs Total). Worst Case, with how I believe profile hierarhcy works, we would then need *40 AP Groups* if we need separate profile groups with 2.4GHz Radios Disabled.

     

    House 1 -> Device Registration 1 - 2.4GHz and 5GHz

    House 1 -> Device Registration 2 - 2.4GHz and 5GHz

    House 1 -> Device Registration 1 - 5GHz Only

    House 1 -> Device Registration 2 - 5GHz Only

     

    However, talking with the switches team/vlan teams, we may beable to get it down to just one device-registration VLAN per house for the 205Hs - which would definitely help as far as profile organization. I was just curious what others would do/have done in a similar situation - if there's a method of avoiding so many wired-port-profiles and in essence parent AP Groups.

     

    Thanks!



  • 2.  RE: Aruba 205H - Bridged Wired Ports VLAN

    EMPLOYEE
    Posted Nov 19, 2015 01:26 PM
    You can use AP-specific profiles as an alternative to creating a bunch of groups.

    Sent from Nine


  • 3.  RE: Aruba 205H - Bridged Wired Ports VLAN

    Posted Nov 19, 2015 01:56 PM

    Ah, good point. I forgot that certain aspects can be inherited, while other pieces can be manipulated at the same time with AP Specific.



  • 4.  RE: Aruba 205H - Bridged Wired Ports VLAN

    EMPLOYEE
    Posted Nov 19, 2015 02:02 PM

    You could also return VLAN IDs via RADIUS.



  • 5.  RE: Aruba 205H - Bridged Wired Ports VLAN

    Posted Nov 19, 2015 03:58 PM
    @cappalli wrote:

    You could also return VLAN IDs via RADIUS.

    Tim, that idea sounds interesting. We recently switched to Clearpass as our campus-wide Radius deployment a few months ago. Do you have a sample config or more information to point me in the right direction. Thanks again for your time.

     

    Chris



  • 6.  RE: Aruba 205H - Bridged Wired Ports VLAN

    Posted Dec 17, 2015 07:36 PM
    Thanks again for the feedback. We were able to get out deployment down to 4 AP Groups - VLAN team was confident enough in getting out bridged vlans down to just 2.