Place the APs in a management network that is behind a firewall, or only enable SSH when necessary.
------------------------------
Carson Hulcher, ACEX#110
------------------------------
Original Message:
Sent: Mar 06, 2025 09:08 AM
From: aquarunner
Subject: Restricting SSH access to Campus AP
Hello,
I have Aruba 7210 WLC with a mix of 515 and 565 access points. I enabled SSH to the access points via ap system profile. This is for advanced troubleshooting purposes. However, for each access point, SSH is exposed to anyone on the network that can reach the access point's ip address. I was wondering about restricting the ability to access SSH on the access points. Ideally, I would like to restrict it to the WLC. So I can SSH to the access point from the CLI of the WLC, but not from my laptop, for example. Is there a recommended way to achieve this?
Thanks in advance.