01-23-2015 02:34 AM
Yes we need PEF license for working with roles and policies.
Please feel free for any further query on this.
[Is my post helped you ? Give Kudos :) ]
01-23-2015 09:54 AM
Hi Venu ,
Thanks for the reply.
We are having totally 384 AP count license and 384 PEFNG license in master controller . And in our network , we will be installing nearly 300 AP's. I will configure the license server ip in dmz controller as master controller.So , whether the remaining PEFNG license is enough for DMZ controller to configure user policies ? Or do we need to have separate 300 PEFNG license in master controller.
01-23-2015 09:58 AM
01-23-2015 05:29 PM
01-24-2015 06:44 AM
Thanks Mr.Tim . We will configure the centralized licensing and we will test the same. By the way we are having firewall in between master and dmz controller. do we need to enable other ports than below for license transfer?
GRE (protocol 47) if tunneling guest traffic over GRE to DMZ controller.
- IKE (UDP 500).
- ESP (protocol 50).
- NAT-T (UDP 4500).
01-24-2015 06:46 AM
01-24-2015 11:36 PM
Hi Mr.Tim ,
Thanks for the reply. I have studied in the user guide that without pefng license we can able to acheive the captive portal settings and initial roles will be created automatically for captive portal.
Actually we want guest users get authenticate using captive portal in DMZ controller and after that they can access internet. So do we need any other roles to be created manually in DMZ controller apart from automatic roles and policies?
01-25-2015 01:02 AM
in the Aruba Licencing System
# of Active AP = # Min Licences (AP , PEFNG, WIPS)
so the best is to get
AP licences= PEFNG licences.
in general PEFNG licence is not requested but very recommended, and in your case it is requested (for the guest and the guest logon roles)
if you have more than one controller you can use Licencing server.
ICT Network & Security Engineer
CCNP R/S | CCNA Security | ACMP|ACDX
[If my post is helpful please give kudos, or mark as solved if it answers your post.]