It's the first time that I hear of this feature. It may not be widely used. As there is a dependency on the AP sending the rogue information, it may (or may not) work with controller based deployments. The documentation seems to be not very specific on the AP/controller side, it does seem that the feature depends on device profiling (aruba-ap devices are mentioned). Did you enable device profiling and do you see your APs profiled correctly? As the communication depends on LLDP, did you enable LLDP on the APs as well?
If there is no further response here, it may be useful to work with Aruba support and ask them for more details.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Mar 15, 2024 10:24 AM
From: Matt Dillion
Subject: Rogue AP Isolation on 2930M
Does anyone have experience successfully implementing Rogue AP Isolation on the Aruba 2930M switches? I've run through the setup and feel like I have everything configured correctly, however, I'm still not seeing rogue APs, and I know we have some based on Airwave and our Controller logs.
Thus far I have configured the following items
Enabled rogue-ap-isolation on the 2930M switch (logging only for now)
Enabled "wired containment" on our Controller Cluster / AP Group under IDS General
Verified LLDP is enabled on the 2930M switch
Any suggestions, or help, or advice, or lessons learned out there???
------------------------------
[Matt]
[Sr. Network Engineer]
------------------------------