Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Block 1701/UDP

This thread has been viewed 1 times

  • 1.  Block 1701/UDP

    Posted Jul 13, 2016 02:13 AM

    Hi All,

    How can I block 1701/UDP in Aruba controller.

     



  • 2.  RE: Block 1701/UDP

    EMPLOYEE
    Posted Jul 13, 2016 02:14 AM
    Add a firewall policy to the user-role.


  • 3.  RE: Block 1701/UDP

    Posted Jul 13, 2016 02:25 AM

    I am not using Aruba controller for VPN termination, so I want to block this port completely  in Aruba controller.

    Actually this is from Aruba hardening guide and there are other port also I want to block, but not sure how.



  • 4.  RE: Block 1701/UDP

    EMPLOYEE
    Posted Jul 13, 2016 02:28 AM
    Like I said, create a new firewall policy that blocks that traffic and then apply it to your user-role.

    http://www.arubanetworks.com/techdocs/ArubaOS_6.4.4.x_WebHelp/Web_Help_Index.htm#ArubaFrameStyles/Firewall_Roles/Policies.htm%3FTocPath%3DRoles%2520and%2520Policies%7C_____1


  • 5.  RE: Block 1701/UDP

    Posted Jul 13, 2016 02:46 AM

    So I guess I have to go with Service ACL,

     

    (config) #firewall cp
    (config-fw-cp) #ipv4 deny any proto 17 ports 1701 1701

     

    Correct me if I am wrong.



  • 6.  RE: Block 1701/UDP

    EMPLOYEE
    Posted Jul 13, 2016 09:58 PM

    You are not wrong.