Wireless Access

By default, Master and Local controllers communicate via IPSec Tunnel with factory certificates.

 

What about Centralized licensing messages between master and local controllers? In what way are they sent?

 

IPSec or Clear unencrypted?

 

 

 

 

Hi Kciko,

 

As you have IPsec tunnels between the controllers, the licensing will be exchanged through that IPsec tunnel.

 

 

 

Licenses are syncronised unencrypted.

And ther is no need to encrypt because license is bound to the controller serial and mac when registered.

See also
http://www.arubanetworks.com/techdocs/ArubaOS_63_Web_Help/Content/ArubaFrameStyles/New_Licenses/Multi__Network.htm

Licenses are syncronised unencrypted.

And ther is no need to encrypt because license is bound to the controller serial and mac when registered.

See also
http://www.arubanetworks.com/techdocs/ArubaOS_63_Web_Help/Content/ArubaFrameStyles/New_Licenses/Multi__Network.htm

Hi Marcelkoedjk,

 

From the guide:

 

"Establish secure IPsec tunnels between the primary licensing server controller and the licensing client controllers by enabling control plane security on that cluster of master controllers, or by creating site-to-site VPN tunnels between the licensing server and client controllers. This step is not required, but if you do not create secure tunnels between the controllers, the controllers will exchange clear, unencrypted licensing information. This step is not required for a master-local topology."

 

"If the tunnel is not established by the user, the messages exchanged between the master controllers will be sent in clear."

 

So from that parapgraph, I'd say that if you have IPsec between your controllers that will traffic be encrypted.

 

Additionally: https://community.arubanetworks.com/t5/Controller-Based-WLANs/What-port-numbers-should-be-alllowed-to-enable-centrallized/ta-p/233977

 

 

 

 

Yes, it makes sense.

So, if you have IPSec, license are exchanged in encrypted mode.

 

By default, is IPSec established between controllers ???