Wireless Access

last person joined: 20 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Same device in Multiple Device Groups

This thread has been viewed 2 times

  • 1.  Same device in Multiple Device Groups

    Posted Mar 28, 2013 09:44 AM

    Hi,

     

          On the deployment as depicted below (Note WLC is deployed in H-REAP mode):

          Data Center            |              Branch Location-1
                                            |
      Cisco WLC ------------|---------Router----Switch-------AP
       |                                   |
      AMP                             |

                                           |             Branch Location-2

                                          |

                                           | --------Router----Switch-------AP

     

        If I need to configure 2 device group one for each branch location can I put WLC in both the device group in the Airwave Configuration. Or what is the suggested configuration for these type of deployments.

     

    Thanks,

    Tuhin



  • 2.  RE: Same device in Multiple Device Groups

    EMPLOYEE
    Posted Apr 02, 2013 11:32 PM

    I'd suggest having a 3rd group where the WLC resides.  In the end, you'd have 3 groups.

    WLC

    Branch 1

    Branch 2

     

    You should not add a device into AMP twice as this will cause database issues.  (AMP expects unique IP and MAC addresses for devices).



  • 3.  RE: Same device in Multiple Device Groups

    Posted Apr 04, 2013 05:09 AM

    Hi Rob,

     

                   Thanks for the reply. One of the requirement I have for this deployment was Rogue AP detection.

                   I have a question on this, once the AMP gets the 'Wireless AP Scan' data from WLC. Now since WLC and other devices are in different groups, will AMP be able to find the right set to devices which need to be polled for 'Wired Correlation'.

    Thanks,
    Tuhin



  • 4.  RE: Same device in Multiple Device Groups

    EMPLOYEE
    Posted Apr 04, 2013 10:07 AM

    All devices are polled periodically.  The ordering of the wired/wireless scans doesn't matter.  Correlation happens when RAPIDS sees that it has 2 events within a set time period (designated in RAPIDS -> Setup).  The only thing that matters for RAPIDS is the RAPIDS -> Rules.  The rules are processed from the top down, and stops once it finds a rule that applies.  The general recommendation is to begin with the most specific rules, and then work your way to the broad catch-all rules.  These rules are different for every deployment depending on which rogues are more important.

     

    For example: to several customers, a rogue found on the wired and wireless is the most important.  For other customers, a rogue that's heard wirelessly by at least 3 APs with a signal strength of -60 (or stronger) is a more severe rogue.  Typically, the rules for specific known rogues should be made first, then rules for specific valid internal devices, and then after that you go into the more general rules.