User's Manual

ManualsBrandsDell ManualsComputer equipmentPowerConnect W-6000

111

112

113

114

115

116

117

118

119

120

1. Make sure that a CPPM server is configured on the controller.

2. Navigate to Configuration > All Profile Managment > Wireless LAN > VPN Authentication >

default-iap > Server Group.

3. Select the CPPM server from the Server Group drop-down list.

4. Click Apply.

In the CLI

Configure a radius server with CPPM server as host address. In this example cppm-rad is the CPPM server

name and cppm-sg is the server group name.

(host)(config) #aaa authentication-server radius cppm-rad

Add this server to a server group:

(host)(config) #aaa server-group cppm-sg

auth-server cppm-rad

Add this server group to the default-rap vpn profile:

(host)(config) #aaa authentication vpn default-rap

server-group cppm-sg

Managing Whitelists on Master and Local Controllers

Every controller using the control plane security feature maintains a campus AP whitelist, a local controller

whitelist and a master controller whitelist. The contents of these whitelists vary, depending upon the role of

the controller, as shown in the figure below.

Controller Role Campus AP Whitelist

Master Controller

Whitelist

Local Controller

Whitelist

On a (standalone)

master controller

with no local

controllers:

The campus AP whitelist contains

entries for the secure campus

APs associated with that

controller.

The master controller

whitelist is empty, and

does not appear in the

WebUI.

The local controller

whitelist is empty, and

does not appear in

the WebUI.

On a master

controller with local

controllers:

The campus AP whitelist contains

an entry for every secure

campus AP on the network,

regardless of the controller to

which it is connected.

The master controller

whitelist is empty, and

does not appear in the

WebUI.

The local controller

whitelist contains an

entry for each

associated local

controller.

On a local controller: The campus AP whitelist contains

an entry for every secure

campus AP on the network,

regardless of the controller to

which it is connected.

The master controller

whitelist contains the

MAC and the IP

addresses of the

master controller.

The local controller

whitelist is empty, and

does not appear in

the WebUI.

Table 17: Control Plane Security Whitelists

Dell Networking W-Series ArubaOS 6.4.x | User Guide Control Plane Security | 117