Wireless Access

Hi,

.

Can anyone tell me what implications might occur should Control Plane Security be enabled within a large production enviroment?

The production enviroment currently has Control Plane Security disabled and a solution I have labbed using Bridge mode for a particular problem requires Control Plane Security to be enabled.

Many thanks,

Shaun

You are looking at a 20 minute outage minimum to reboot APs twice and distribute keys to them..  It could even be more than that...

Hi Colin,

Thanks for you help,

Can you also tell me if we'd have any problems with APs not being supported please?

The reason I ask is because I've stumbled across the following recent thread and it has given me the shivers since the production enviroment also uses AP-105s and the first reply was to try disabling CPsec.

https://community.arubanetworks.com/t5/Wireless-Access/Can-t-provision-the-AP105-on-Aruba-3200/td-p/297754

Many thanks,

Shaun

The access points have to reboot and rediscover the controller, so if you removed or changed discovery methods for your network, your AP possibly will not be able to come up.  If you are worried about that, you should just provision the few APs that you need to be bridged as RAPs.  Enabling CPSEC for an entire network is alot of risk just to allow some APs to be bridged.

Perfect, thanks Colin