Regular Contributor I
Posts: 187
Registered: 10-20-2010

Branch Controller Security

Looking for some assistance in locating documentation which describes how the outside interface of a Branch Controller connected to a VPN tunnel is secured. For instance, a Cisco ASA firewall has the concept of a defined outside interface that blocks all by default. Aruba has all ports as untrusted, but in the case of the Branch controllers there is a DHCP port (last controller port) that allows some types of access for the Zero Touch Provisioning. Is there a guide that shows what ports are open on this interface? It must allow IPSec 50, 4500, DNS, DHCP etc... Is this like an ACL assigned to that port by default that I can look at to see what access is allowed?

Guru Elite
Posts: 8,774
Registered: 09-08-2010

Re: Branch Controller Security

You can add a session ACL to the interface if it's Internet facing.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Regular Contributor I
Posts: 187
Registered: 10-20-2010

Re: Branch Controller Security

Thanks, Tim. I am going to look at one later; I do not have any in branch mode, but I have to assume there is a default ACL already applied OR the port allows all.

Guru Elite
Posts: 8,774
Registered: 09-08-2010

Re: Branch Controller Security

Unless you've configured otherwise, the port should be trusted.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480