User's Manual
118 | Control Plane Security Dell Networking W-Series ArubaOS 6.4.x| User Guide
Figure 6 Local Controller Whitelist on a Master Controller
If your deployment includes both master and local controllers, then the campus AP whitelist on every
controller contains an entry for every secure AP on the network, regardless of the controller to which it is
connected. The master controller also maintains a whitelist of local controllers using control plane security.
When you change a campus AP whitelist on any controller, that controller contacts the other connected
controllers to notify them of the change.
The master controller whitelist on each local controller contains the IP and MAC addresses of its master
controller. If your network has a redundant master controller, then this whitelist contains more than one entry.
You rarely need to delete the master controller whitelist. Although you can delete an entry from the master
controller whitelist, you should do so only if you have removed a master controller from the network.
Campus AP Whitelist Synchronization
The current sequence number in the AP Whitelist Sync Status field shows the number of changes to the
campus AP whitelist made on that controller. Each controller compares its campus AP whitelist against
whitelists on other controllers every two minutes by default. If a controller detects a difference, it sends its
changes to the other controllers on the network. If all other controllers on the network have successfully
received and acknowledged all whitelist changes made on that controller, every entry in the sequence number
column in the local controller or master controller whitelists has the same value as the sequence number
displayed in the AP Whitelist Sync Status field. If a controller in the master or local controller whitelist has a
lower sequence number, that controller may still be waiting to complete its update, or receive its update
acknowledgement. In the example in Figure 6, the master controller has a current sequence number of 3, and
each sequence number in its local controller whitelist also shows a value of 3, indicating that both local
controllers have received and acknowledged all three campus AP whitelist changes made on the master
controller. For additional information on troubleshooting whitelist synchronization, see Verifying Whitelist
Synchronization on page 129.
You can view a controller’s current sequence number via the CLI using the command:
show whitelist-db cpsec-seq
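The sequence-number bookkeeping described in this section, as an added example that is not part of the original manual and is not ArubaOS code: a simplified Python model in which each controller counts its own whitelist changes and records the last sequence number each peer acknowledged. The `Controller` class, its fields, the controller names and the MAC addresses are constructed for illustration.

```python
# Simplified model; all names are hypothetical and this is not ArubaOS code.
from dataclasses import dataclass, field

@dataclass
class Controller:
    name: str
    seq: int = 0                                  # changes made on this controller
    changes: list = field(default_factory=list)   # (seq, action, ap_mac)
    whitelist: set = field(default_factory=set)   # campus AP whitelist
    peer_seq: dict = field(default_factory=dict)  # peer name -> last acked seq
    reachable: bool = True

    def change(self, action, ap_mac):
        """Record a local whitelist change and bump the sequence number."""
        self.seq += 1
        self.changes.append((self.seq, action, ap_mac))
        self._apply(action, ap_mac)

    def _apply(self, action, ap_mac):
        if action == "add":
            self.whitelist.add(ap_mac)
        else:
            self.whitelist.discard(ap_mac)

    def sync(self, peers):
        """One comparison round: send each peer the changes it has not acked."""
        for peer in peers:
            acked = self.peer_seq.setdefault(peer.name, 0)
            if not peer.reachable:
                continue  # no acknowledgement, so the entry keeps its lower number
            for seq, action, ap_mac in self.changes:
                if seq > acked:
                    peer._apply(action, ap_mac)
            self.peer_seq[peer.name] = self.seq  # peer acknowledged everything

    def lagging_peers(self):
        """Peers whose acknowledged sequence number is below the current one."""
        return sorted(n for n, s in self.peer_seq.items() if s < self.seq)

def demo():
    master = Controller("master")
    local1, local2 = Controller("local-1"), Controller("local-2", reachable=False)
    for mac in ("00:00:5e:00:53:01", "00:00:5e:00:53:02", "00:00:5e:00:53:03"):
        master.change("add", mac)      # constructed sample MAC addresses
    master.sync([local1, local2])
    first = master.lagging_peers()     # local-2 has not acknowledged yet
    local2.reachable = True
    master.sync([local1, local2])      # next comparison round
    return first, master.lagging_peers(), master.peer_seq
```

After the second round the model reaches the state shown in Figure 6: a current sequence number of 3 and a value of 3 for both local controllers.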
Viewing and Managing the Master or Local Controller Whitelists
The following sections describe the commands to view and delete entries in a master or local controller
whitelist.
Viewing the Master or Local Controller Whitelist
To view the master or local controller whitelists via the WebUI, use the procedure below:
1. Access the controller’s WebUI, and navigate to Configuration > AP Installation.
2. Select the Whitelist tab.