Controllerless Networks

Hello all,

Question about airplay over Instant.  We are setting up our wireless as open authentication, we are only allowing http https dhcp and dns out through it by setting access rules.  We have setup an incoming firewall rule to deny all and we have enabled deny inter user bridging and deny local routing.   What we are looking at is how to implement using airplay with airgroup without implementing all the firewall rules that are needed for the ports of airplay.  Right now we have our Apple tvs registering in the airgroup and if i set a rule to allow any to any destination it works great.  Once I take that away we are left with having to open a scad of ports for it to work.

What i am struggling with and I havent found any documentation on is are thr rules needed or does airgroup somehow allow this traffic through without the rules set and I am just configuring it wrong.  Second I have tried to use the application level rule set to apple-airplay but this doesnt seem to let anything through or make any difference.  Is there some documentation on what these application based rules allow?

Thank You

Hi CaryWells,

Please refer lik https://community.arubanetworks.com/t5/Controller-Based-WLANs/What-are-the-port-based-recommendations-for-Airplay-and-Airprint/ta-p/184424

Thank you for those.  So what I am gathering from your answer you still need to open up all the ports. Airgroup only groups all access points to gether so that you can access them from different subnets.

Do you have any information on what the application based rules or services cover?  i am specifically looking at all the apple- based application rules.

Airgroup helps in discovering Airplay / Airprint compatible devices across vlans.

After discovery, client to server is unicast and we need to allow the required ports in ACL.