Wired Intelligent Edge

  • 1.  Multiple untagged vlans on CX port

    Posted Oct 16, 2020 06:37 AM

    One of the good things about ComWare is the ability to have multiple untagged VLANs on a single physical port, so you can take a baby switch, plug a number of devices into it, do MAC auths for all of them, and ClearPass can send back different untagged VLANs for each device and it'll "just work".

    Can we do the same with CX? I am assuming the ProVision-on-steroids switches can't do it.


    A



  • 2.  RE: Multiple untagged vlans on CX port

    Posted Oct 16, 2020 11:41 AM

    Both AOS-Switch and AOS-CX can do this using user roles for each device.

     

     



  • 3.  RE: Multiple untagged vlans on CX port
    Best Answer

    Posted Oct 20, 2020 01:54 PM

    You can do it.

    But be aware that each host will then not have real VLAN isolation.

    As an example, if you have a baby switch connected to the Aruba CX, and your clients are connected to that switch, they will all see broadcasts for all the clients on the switch, as technically they will only be part of the assigned VLAN after the traffic enters the CX port. Before that, they are sharing the same L2.

    It is also quite trivial to piggyback into a VLAN being used by another client connected to the baby switch.
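
Added example, not part of any post in this thread: a Python audit that lists the ports where the caveat in post 3 applies, meaning clients on one physical port were given different untagged VLANs and therefore share one L2 segment below the CX port. The CSV layout, port names, MAC addresses and VLAN IDs are constructed assumptions, not real switch output.

```python
import csv
import io
from collections import defaultdict

# Constructed inventory in a hypothetical CSV layout: port, client MAC,
# untagged VLAN assigned to that client. Not real switch output.
SAMPLE = """port,mac,vlan
1/1/1,00:00:5e:00:53:01,10
1/1/1,00:00:5e:00:53:02,20
1/1/1,00:00:5e:00:53:03,20
1/1/2,00:00:5e:00:53:10,10
1/1/3,00:00:5e:00:53:20,30
1/1/3,00:00:5e:00:53:21,30
"""


def shared_l2_ports(csv_text):
    """Return {port: {vlan: [macs]}} for ports whose clients received more
    than one untagged VLAN, i.e. VLANs that share one L2 segment below the
    CX port. Ports with several clients in a single VLAN are not flagged."""
    by_port = defaultdict(lambda: defaultdict(list))
    for row in csv.DictReader(io.StringIO(csv_text)):
        port, mac = row["port"].strip(), row["mac"].strip().lower()
        by_port[port][int(row["vlan"])].append(mac)
    return {
        port: {vlan: sorted(macs) for vlan, macs in sorted(vlans.items())}
        for port, vlans in by_port.items()
        if len(vlans) > 1
    }


def report(csv_text):
    """One line per affected port, naming the VLANs that are not isolated
    from each other before traffic enters the CX port."""
    lines = []
    for port, vlans in sorted(shared_l2_ports(csv_text).items()):
        total = sum(len(macs) for macs in vlans.values())
        ids = ", ".join(str(vlan) for vlan in vlans)
        lines.append(f"{port}: {total} clients, VLANs {ids} share one L2 segment")
    return lines


if __name__ == "__main__":
    print("\n".join(report(SAMPLE)))
```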