Wireless Access

Reply
Highlighted
Moderator

Re: Large client base - vlan pools or large subnet

Those are the correct optimizations. 


Thanks, 
Tim

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Highlighted
Frequent Contributor I

Re: Large client base - vlan pools or large subnet

Thank you Tim.

Jef
Occasional Contributor II

Re: Large client base - vlan pools or large subnet

Hi Zemarcio,

 

We got more or less the same setup with router address being a Checkpoint Firewall and 802.1x authentication through a Windows NPS server.

 

We checked the Drop and Convert options at the Virtual AP level and configured tunnel mode.

VAP.PNG

Our Windows NPS returns vendor specific attributes, so they get recognized by the Aruba Controller as the User Vlan and User Role. Different users on the same SSID are assigned to various Roles.

VAP.PNG

 

Pay attention when u use PEF (Policy Enforcement Firewall), so these rules don't contradict your Checkpoint firewall rule set.

 

Useful post? kudos appreciated!
Highlighted
Frequent Contributor I

Re: Large client base - vlan pools or large subnet

Thank you Jeff. I will need separate some users in a different vlan like you. Good tip!
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: