10-16-2019 01:31 AM - edited 10-16-2019 01:34 AM
In my enviroment we run a Mobility Master solution (ArubaOS 184.108.40.206) where we have our customers MD controllers installed.
Each customer have their own group under Managed Network to manage configuration per customer.
My problem comes when configuring Airgroup.
We have tried running distributed mode which never really went well. Some services seem to work, while others don't.
After hours of trying to debug Airgroup we decided to switch to Centralized mode.
This is working much better. All services seem to be distributed to clients. But with success comes new problems.
Customer A can now see Customer B's Airgroup Servers and vice versa. They cannot connect to them, as the network is segmented. So this is only a visual thing.
Is there a way to automatically segmentate a server once it's discovered by Airgroup?
I have found the "Server-Based Policy" where I am able to set rules per server. I want a more general setting.
It doesn't matter if it's segmented by AP neighbor hops or by AP group or User Role. It's just a matter of not being able to see other customers Airgroup servers.
Does anyone know if I will be able to achieve this in Centralized mode?
Re: Centralized Airgroup
10-16-2019 05:18 AM
From my understanding Airgroup Domains are not possible when running centralized mode. Have I misunderstood this?
showing status on the controller shows N/A at the active domain:
Showing AirGroup info from /md
AirGroup mode Centralised
AirGroup Profile default-AirGroup
Active domain N/A
Enforce Registration Disabled
AirGroup Service Information