Wireless Water Cooler

Hello,

I'm deploying an Aruba Central solution but I have a few issues with the firewall. When I try to register my AP on the Aruba Central without the firewall it's ok but when I replug it it doesn't work (the AP is not UP on the Aruba central dashboard).

The AP can join the device.arubanetworks.com.

I would like to know which port I need to open on my firewall.

Thank You.

Management/configuration and typical communications from the IAP/VC is done over HTTPs (TCP 443) to both device.arubanetworks.com (for Activate) and *.central.arubanetworks.com (for Central).

TCP 80 is needed for some of the image upgrades to images.arubanetworks.com and rcs-m.central.arubanetorks.com.

Hi there,

I just want to add at this reply that you also need to open the 53170 (for the central authentication) and the 52258 (for the AP configuration).

Not sure if others ports need to be open.

Again thanks for your reply.

Regards,

Lucien

Hi cjoseph,

I first tried to connect my AP to the central without modify my firewall (the port 443 is allowed) and the ap cannot register on the aruba central.

Then I launch a wireshark without any firewall and the device.arubanetworks.com seems to communicate with the AP with dest ports : 53170 and src ports : 443.

Then my AP finally go up in the central but do not take the configuration.

Then I double check my wireshark capture and the app1.central.arubanetworks.com seems to comunicate to my AP with the dest port : 52258 and then it's work.

I hope I've been clear with my explanation, maybe I did something wrong.

Regards,

Lucien

Lucien,

What kind of firewall do you have?  Those ports almost seem like a source port that was a reply to the port 443 request.

cjoseph,

I use a Palo Alto FW.

Ok, I was in a rush sorry.

I just not enough waited....

I try again without the ports open and after a while everythings seems alright.

Sorry for that and thanks for your answer.

Regards,

Lucien