Wireless Access

Reply
Occasional Contributor I

Can you create custom AirGroup Services for custom ports?

I'm trying to set up AirGroups for a custom multicast service that isn't part of the pre-canned AirGroups services on AOS. I was wondering about the following:

 

- Is there a list of all Service ID's you can use?

- Is there a way to create a custom service with the required TCP/UDP ports?

 

Thank you!

Guru Elite

Re: Can you create custom AirGroup Services for custom ports?

You can define any valid mDNS or SSDP service string. Ports are not used.


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Guru Elite

Re: Can you create custom AirGroup Services for custom ports?

Airgroup is not specifically for multicast.  It is for services that advertise their services via multicast DLNA or MDNS.    Please see here: http://www.arubanetworks.com/techdocs/Troubleshooting/ArubaOS/AirGroup_Troubleshooting/Web_Help_Index.htm#arubaframestyles/troubleshooting%20topics/airgroup.htm%3FTocPath%3D_____2 if you have a DLNA or MDNS device that is not showing up.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Occasional Contributor I

Re: Can you create custom AirGroup Services for custom ports?

Thank you for the information. The reason why I am inquring is because I am trying to utilize airgroups to allow isolation of devices on a per user basis using CPPM. Hwoever there is a limitation to AirGroups since the custom protocol I need is not available on there.

 

Another method I was thinking would work is if there is a way to completely isolate devices that users register on the Clearpass Guest Portal. Ideally, a user will register the mac-address of their devices, and once connected to the network, only have access to the Internet and the other devices that they registered.

 

Is this something that can be done with the "Deny Inter-User" configuration?

Guru Elite

Re: Can you create custom AirGroup Services for custom ports?

AirGroup is not a security feature. It ONLY controls mDNS and SSDP advertisement. It does not control/restrict/enforce any other part of the datapath.


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: