Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

Positioning of a Wireless Mobility Controller in a Network

This thread has been viewed 10 times
  • 1.  Positioning of a Wireless Mobility Controller in a Network

    Posted Oct 16, 2021 04:50 AM
    Hi,

    I´d like to as a Design-related question regarding the general positioning of a Wireless LAN Mobilty Controller appliance in a network!
    Would it be necessary/useful to secure the Mobility Controler from the rest of the network through a firewall, in which case all AP relevant Mgmt- and Communitcation traffic had to go through the firewall before reaching the Controller?!
    H
    ow do you basically handle that kind of design or does anybody know if there`re official design guides public?

    thanks for any kind of help in advance!


  • 2.  RE: Positioning of a Wireless Mobility Controller in a Network

    Posted Oct 18, 2021 07:07 AM
    The obvious answer is, "It depends". :D

    Are we referring to just a single controller? Is this a large network or a small, single-subnet network? What ArubaOS version?

    We have over 4500 APs with multiple controllers, We decided to physically install split our controllers in our 2 data centers. We have APs on separate subnets but they are not firewalled from the controllers. We use certificate based control plane security to control AP access. The management subnet is protected by access control lists.

    You Aruba account team, especially your SE should be able to give good guidance.

    ------------------------------
    Bruce Osborne ACCP ACMP
    Liberty University

    The views expressed here are my personal views and not those of my employer
    ------------------------------



  • 3.  RE: Positioning of a Wireless Mobility Controller in a Network

    Posted Oct 20, 2021 07:53 AM
    There is an official ArubaOS Hardening Guide available from ASP. That may provide a lot of information and guidance.

    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------