Wireless Access

last person joined: 17 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Trusted or not trusted

This thread has been viewed 9 times

  • 1.  Trusted or not trusted

    Posted Sep 17, 2013 12:13 PM

    On my controllers I have a management port and my data port.  I know that the mgnt port needs to be trusted.  Does the data port need to trusted also?



  • 2.  RE: Trusted or not trusted

    EMPLOYEE
    Posted Sep 17, 2013 12:16 PM

    That depends.  If you move to Untrusted, then you are essentially invoking the firewall of the controller and then things like AAA profiles, roles, and policies come into play.  



  • 3.  RE: Trusted or not trusted

    EMPLOYEE
    Posted Sep 17, 2013 12:20 PM

    The global wired AAA profile controls this behavior by the way.  Keep in mind that the port AND/OR the VLAN can be set to untrusted on the controller.  



  • 4.  RE: Trusted or not trusted
    Best Answer

    Posted Sep 17, 2013 01:12 PM

    If its the main (only) egress port on the controller, yes you want the port trusted (default) or your user table will fill up with all the wired MACs that can be seen from this port.   e.g. hundreds of entries pretty quickly.