Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Need Tips

This thread has been viewed 0 times

  • 1.  Need Tips

    Posted Feb 13, 2013 09:16 PM

    Hello,

    I just bought Aruba IAP-135. I create Guest SSID (open network, no password) but use splash page from aruba to authenticate user.

    Is my setting secure ? or any good practice for setting guest network ? (Note without clearpass)

     

    Thanks



  • 2.  RE: Need Tips

    Posted Feb 13, 2013 09:24 PM

    Well for guest you can use as  you said the captive portal... if you use the internal database.

     

    When you making the guest wireless you can try this:

    1-In the role you using after the captive portal authentication put a role in which it just have access to the internet and it does not have access to anything in the internal network, you can do that with the roles.

    2-Try Natting so the network you using does not exist in your internal network, let say 172.16.3.0/24 let say that network does not exist in your network, well then use that one and nat through the IP of the AP i don tknow if you get the idea?

    3-You can periodically change the password of guest... as it does not automatically expire like with the controller..... I asled for this feature, you can vote for it on the ideas tab, if it get lot of kudos they might put it on future releases.

     

     

     



  • 3.  RE: Need Tips

    Posted Feb 13, 2013 09:32 PM

    Ah yeah there is a VRD for this of tips for  how to build your guest network i mean how aruba recomends... this is made for the controllers based but you still can fallow some of advice with the Instan APS

    Here is the link is not a long reading...

    http://www.arubanetworks.com/wp-content/uploads/AOS_GuestAcccess-AppNote.pdf

     

    Hope it helps you