Wireless Access

Reply
Contributor II

Separate AP VLAN vs IDS

Hi!

I have a question about deploying AP's in separate VLAN.

VRD_Aruba Mobility Controllers_8.pdf states:

 

"The other downside to this approach is that AMs become less effective, because they can no longer see user traffic that may be exiting a rogue AP on the wired side of the network."

 

This customer wants to have AP's in separate VLAN but also requires IDS.

 

Let's say Office VLAN is 11 and AP VLAN is 12, would it help to put all AP on trunk ports with native VLAN 12 and hearing all other VLANs to retain IDS capability?

 

Thanks,

        -V.D.

Guru Elite

Re: Separate AP VLAN vs IDS


v.dvorak wrote:

Hi!

I have a question about deploying AP's in separate VLAN.

VRD_Aruba Mobility Controllers_8.pdf states:

 

"The other downside to this approach is that AMs become less effective, because they can no longer see user traffic that may be exiting a rogue AP on the wired side of the network."

 

This customer wants to have AP's in separate VLAN but also requires IDS.

 

Let's say Office VLAN is 11 and AP VLAN is 12, would it help to put all AP on trunk ports with native VLAN 12 and hearing all other VLANs to retain IDS capability?

 

Thanks,

        -V.D.


yes

 

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Contributor II

Re: Separate AP VLAN vs IDS

OK, thanks!

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: