Wireless Access

last person joined: 9 hours ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

captive portal for wired connection and generic AP

  • 1.  captive portal for wired connection and generic AP

    Posted Oct 06, 2014 02:44 AM

    Hi all,

     

    i've been wondering if i can user Aruba controller for wired user and some generic AP for temporary. here is the network diagram. any thought about how to this ?.

     

    Wired and general Ap.PNG



  • 2.  RE: captive portal for wired connection and generic AP

    Posted Oct 06, 2014 06:00 AM

    You would need to make the physical port on the Aruba Controller that the Generic L2 switch is plugged into untrusted.

     

    Before you do that make sure:

     

    - The physical port you make untrusted is a different port than your management port for the controller.  You can have two ports on the controller in the same VLAN, only make the one that is connected to the generic l2 switch untrusted.  If you make the port that you are managing the controller through untrusted, you could lose management access to the controller.

     



  • 3.  RE: captive portal for wired connection and generic AP

    Posted Oct 06, 2014 01:32 PM
    Ic ic, so there is a way provided. And Yes i fully aware about the management access. Another stuck issue and information i needed. How about pefng license. One of our customer, is using our controller to do CoA mac auth, is it still possible to implement pefng policy for wired client.


  • 4.  RE: captive portal for wired connection and generic AP

    Posted Oct 06, 2014 01:35 PM
    This feature is called tunneled-node and you would need Aruba switches to perform stateful inspection of the traffic in the controller.


  • 5.  RE: captive portal for wired connection and generic AP

    Posted Oct 06, 2014 01:46 PM
    @cappalli now i am a bit confuse. did you mean, another box beside our controller. Why aruba call is tunneled node. Our switch is directly connected to the controller.



  • 6.  RE: captive portal for wired connection and generic AP

    Posted Oct 06, 2014 02:37 PM
    Are you looking to push all traffic for a certain subnet through the firewall engine or per individual user?


  • 7.  RE: captive portal for wired connection and generic AP

    Posted Oct 06, 2014 09:37 PM
    Yep correct certain subnet through firewall engine. So it's need different approach than currently available using untrusted port and a wired profile configuration ?


  • 8.  RE: captive portal for wired connection and generic AP

    Posted Oct 06, 2014 01:38 PM
    Yes.