Wireless Access

Regular Contributor I

Branch Controller Security

Looking for some assistance in locating documentation which describes how the outside interface of a Branch Controller connected to a VPN tunnel is secured. For instance, a Cisco ASA firewall has the concept of a defined outside interface that blocks all by default. Aruba has all ports as untrusted, but in the case of the Branch controllers there is a DHCP port (last controller port) that allows some types of access for the Zero Touch Provisioning. Is there a guide that shows what ports are open on this interface? It must allow IPSec 50, 4500, DNS, DHCP etc... Is this like an ACL assigned to that port by default I can look at to see what access is allowed?

Guru Elite

Re: Branch Controller Security

You can add a session ACL to the interface if it's Internet facing.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Regular Contributor I

Re: Branch Controller Security

Thanks Tim. I am going to look at one later; I do not have any in branch mode, but I have to assume there is a default ACL already applied OR the port allows all.

Guru Elite

Re: Branch Controller Security

Unless you've configured otherwise, the port should be trusted.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |
