Wireless Access

Reply
Contributor II
Posts: 40
Registered: ‎01-21-2011

Separate AP VLAN vs IDS

Hi!

I have a question about deploying AP's in separate VLAN.

VRD_Aruba Mobility Controllers_8.pdf states:

 

"The other downside to this approach is that AMs become less effective, because they can no longer see user traffic that may be exiting a rogue AP on the wired side of the network."

 

This customer wants to have AP's in separate VLAN but also requires IDS.

 

Let's say Office VLAN is 11 and AP VLAN is 12, would it help to put all AP on trunk ports with native VLAN 12 and hearing all other VLANs to retain IDS capability?

 

Thanks,

        -V.D.

Guru Elite
Posts: 20,768
Registered: ‎03-29-2007

Re: Separate AP VLAN vs IDS


v.dvorak wrote:

Hi!

I have a question about deploying AP's in separate VLAN.

VRD_Aruba Mobility Controllers_8.pdf states:

 

"The other downside to this approach is that AMs become less effective, because they can no longer see user traffic that may be exiting a rogue AP on the wired side of the network."

 

This customer wants to have AP's in separate VLAN but also requires IDS.

 

Let's say Office VLAN is 11 and AP VLAN is 12, would it help to put all AP on trunk ports with native VLAN 12 and hearing all other VLANs to retain IDS capability?

 

Thanks,

        -V.D.


yes

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor II
Posts: 40
Registered: ‎01-21-2011

Re: Separate AP VLAN vs IDS

OK, thanks!

Search Airheads
Showing results for 
Search instead for 
Did you mean: