Wired Intelligent Edge

 View Only
last person joined: 14 hours ago 

Bring performance and reliability to your network with the Aruba Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of the ArubaOS-Switch and ArubaOS-CX devices, and find ways to improve security across your network to bring together a mobile first solution.
Expand all | Collapse all

Aruba 2930F Portsecurity for Aruba AP

This thread has been viewed 21 times
  • 1.  Aruba 2930F Portsecurity for Aruba AP

    Posted Dec 10, 2021 10:16 AM

    Hello,

    we are using a VSF-Cluster of Aruba 2930F. For the Wireless-Connection we are using Aruba 50X and 30X Serie. On the Uplink-Ports of the Wireless-AP we are using some tagged Ports for the different SSIDs and the untagged for Management.

    I'm just looking for a solution to protect the physicaly network port on the switch for taking of the AP. My Problem is that anybody with access to the network port could take over my network.

    My first idea was to set "fault-finder loss-of-link action warn-and-disable". But it is not possible to set the function to a dedicated port. It just global.

    802.1X is used for our "normal" clients. On the wireless i see the problem that the tagged ports in case of un-auth vlan are still reachable.

    So do you have some ideas and commands for me to make this port save?

    Thanks a lot

    Daniel



  • 2.  RE: Aruba 2930F Portsecurity for Aruba AP

    Posted Dec 10, 2021 05:29 PM
    you can always enable some form of authentication like dot1x for the ports that Aruba APs connect to.
    Then based on the successful auth, the APs are put into either Local user role or downloadable user role that would have the various tagged VLANs, ACLs, etc.


    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba.
    ------------------------------



  • 3.  RE: Aruba 2930F Portsecurity for Aruba AP

    Posted Dec 11, 2021 04:23 AM
    Thanks a lot for your answer. Do you have some Snip-Commands or  a Link for further information to that solution?




  • 4.  RE: Aruba 2930F Portsecurity for Aruba AP

    Posted Dec 11, 2021 05:29 PM
    you can check this document
    https://community.arubanetworks.com/community-home/digestviewer/viewthread?MID=25508#bm3fceac0a-9796-47b2-9197-d700b94b4ecd

    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba.
    ------------------------------