03-09-2012 02:20 AM
On my controller I have 2 different types of connected APs.
1. APS with 802.1x ssid in bridge mode
2. Mesh portal/points with guest portal in tunnel mode
In the OS I am using when I tried to put the APS in group 1 to bridge mode I got a warning that I had to enable cpsec to do so. As this is a global command also the mesh APS in group 2 are forced to do cpsec.
Question 1: I am using only internal lan links here so I don't want to use cpsec at all. Is there a way to use bridge ssids without cpsec ?
Question 2: Can I disable CPSEC on the mesh AP group to save bandwidth on the mesh link ?
03-09-2012 03:09 AM
CPSEC is global, so if you enable it, it will enable it for all devices. Enabling CPSEC can can cause your APs to be down for at least a few minutes while they get certificates, but when you do, it is done. Make sure auto cert provisioning is on.
You can make a Virtual AP bridged or an ethernet port bridged by provisioning an access point as a Remote AP, without turning on CPSEC.
Turning on CPSEC does not save bandwidth on mesh links.
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base