08-15-2016 12:00 AM
I'm new to aruba, need your help is setting up a wired network on Aruba controller 620 running on Aruba OS 6.3. Basically we need to setup a separate VLAN for our production network on the controller and apply firewall policies so it has access to only few set of servers in the datacenter.
Here is what i have figured out so far, appreciate if you can validate and advise if this approcach is correct.
- Create a new layer 3 vlan interface on the controller.
- Set the Vlan interface as untrusted.
- Create a new firewall polices and define the services to be allowed
- Apply the firewall policy to the new vlan interface
Please let me knoww if i'm missing something
08-16-2016 03:35 AM
If you set the VLAN interface as untrusted it will cause all connections to undergo authentication. It doesn't sound like you want this.
Why are you applying ACL's to a VLAN interface? Are there wired users in the VLAN and you want to use the Aruba controller to do firewalling? If it is just wireless users then make their user role have the correct access policy.
ACDX #98 | ACMP | ACCP