Hi again,
We have a RAP implementation that I am subjecting to PEN testing in the coming weeks, and I would like to know any gotcha's and suggestions around locking down AOS. In particular, anything surrounding;
1. Local ENET interfaces on the RAP. E.g. locking down enet0 for uplink, preventing uplink using any other ENET...
2. MGMT interface. E.g. SSH/HTTPS only?
3. LAN interface. E.g. In/Out/Session...
Any help would be appreciated!