Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Tunnel mode with CPSec disabled

This thread has been viewed 0 times

  • 1.  Tunnel mode with CPSec disabled

    Posted Jul 05, 2016 04:58 AM

    Hi all,

     

    If we have CPSec disabled, is client traffic encrypted when in tunnel mode?

     

    Jamie.



  • 2.  RE: Tunnel mode with CPSec disabled

    EMPLOYEE
    Posted Jul 05, 2016 05:38 AM
    Cpsec does not encrypt user data; only control plane data between the AP and controller.

    User traffic is encapsulated in GRE. If your wireless traffic uses encryption, that encryption will be encapsulated in GRE.


  • 3.  RE: Tunnel mode with CPSec disabled

    Posted Sep 05, 2017 01:16 PM

    Hi Colin Joseph,

     

    I understand that in the tunnel mode as the data is encapsulated, cpsec mode is not necessary, is it ?

     

    best

     

    Casper



  • 4.  RE: Tunnel mode with CPSec disabled

    EMPLOYEE
    Posted Sep 05, 2017 01:42 PM

    CPSEC is required for AP security and for bridge mode forwarding of Virtual APs and interfaces:  http://community.arubanetworks.com/t5/Controller-Based-WLANs/What-is-control-plane-security-How-does-one-configure-verify-it/ta-p/174912