Wireless Access

 View Only
last person joined: 21 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Expand all | Collapse all

Security scan warnings about HSTS on MCs

This thread has been viewed 10 times
  • 1.  Security scan warnings about HSTS on MCs

    Posted Nov 01, 2022 05:37 AM

    AOS version
    active and standby MCs
    2x clusters

    Our security team run Nessus scans and they are highlighting HSTS headers being missing on our MCs (active and standby). I'm not sure what this is telling us, obviously those (the MCs) aren't used for the captive portal (are they?) - would the CP be the normal culprit for this kind of warning? We don't get the warning for our cluster members which have a public cert configured for the captive portal, so in the meantime I have just done the same for the MCs. I'd like to understand this a bit more if anyone can fill me in?


  • 2.  RE: Security scan warnings about HSTS on MCs

    Posted Nov 11, 2022 02:16 PM
    There is a management login interface in the GUI.

    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card