Wireless Access

Reply
Frequent Contributor II
Posts: 124
Registered: ‎05-31-2015

Untrusted wireless VLANs

I've been reading through the AOS guide regarding port and VLAN trusts. It only goes into detail regarding the wired traffic - I wondered if this has any any effect on wireless traffic on an open SSID?

MVP
Posts: 4,301
Registered: ‎07-20-2011

Re: Untrusted wireless VLANs

It does, what are you trying to do ?

Get Outlook for iOS
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
MVP
Posts: 4,301
Registered: ‎07-20-2011

Re: Untrusted wireless VLANs

It does, what are you trying to do ?

Get Outlook for iOS
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Frequent Contributor II
Posts: 124
Registered: ‎05-31-2015

Re: Untrusted wireless VLANs

I am trying to find out whether the trusted/untrusted status of a physical port affects wireless clients traffic.

MVP
Posts: 1,409
Registered: ‎05-28-2008

Re: Untrusted wireless VLANs

You can classify wired traffic based not only on the incoming physical port but also on the VLAN associated with the port carrying traffic. For eg, say the user is connected on VLAN 10 and needs to pass traffic through wired port 1/0. If VLAN 10 on that wired port is marked as untrusted then any traffic on VLAN 10 through that port is marked as untrusted.
 
When you define a physical port or a VLAN associated to that port as untrusted, traffic passing through that port needs to go through a predefined access control list policy. You can set a range of VLANs as trusted or untrusted on a trunk port.
 
Following table lists the various port/VLAN combination to determine if the user traffic is trusted or untrusted:


PortVLANTraffic Status
TrustedTrustedTrusted
UntrustedUntrustedUntrusted
UntrustedTrustedUntrusted
TrustedUntrustedUntrusted

Environment : This article applies to all controller models and OS versions.

 

read more here:

http://community.arubanetworks.com/t5/Controller-Based-WLANs/How-to-configure-a-port-or-a-VLAN-to-be-trusted-or-untrusted/ta-p/187924

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
Frequent Contributor II
Posts: 124
Registered: ‎05-31-2015

Re: Untrusted wireless VLANs

I understand all that however, back to my original question - does this affect "Wireless" traffic?

MVP
Posts: 1,409
Registered: ‎05-28-2008

Re: Untrusted wireless VLANs

All the traffic of the clients passing via tunnel to the controller,if that controller passing the traffic to to an untrusted VLAN , so all the traffic inside that VLAN will be untrsusted.

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
Frequent Contributor II
Posts: 124
Registered: ‎05-31-2015

Re: Untrusted wireless VLANs

Lets simplify - rather than talking about trusted and untrusted VLAN interaction, if all VLANs are trusted but the port is untrusted will wireless traffic be affected by the untrusted port status?

MVP
Posts: 4,301
Registered: ‎07-20-2011

Re: Untrusted wireless VLANs

Traffic will be untrusted

Get Outlook for iOS
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
MVP
Posts: 4,301
Registered: ‎07-20-2011

Re: Untrusted wireless VLANs

Traffic will be untrusted

Get Outlook for iOS
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Search Airheads
Showing results for 
Search instead for 
Did you mean: