User's Manual

ManualsBrandsDell ManualsComputer equipmentPowerConnect W-6000

941

942

943

944

945

946

947

948

949

950

n A new AirGroup type column is added and this column specifies if the type of the AirGroup device is

mDNS, DLNA or both.

n The MAC address of each AirGroup user and server is now clickable. If you click MAC link, you are

redirected to the Dashboard > Clients > Summary page > AirGroup tab. If an AirGroup user or

AirGroup server is a wired trusted client, the MAC address is not clickable.

ClearPass Policy Manager and ClearPass Guest Features

With CPPM portal for WLAN administrators, you can register shared device such as conference room Apple TV

and printers. The ClearPass Guest portal for WLAN users allows end users to register their personal devices. For

more information on AirGroup configuration on CPPM, see the ClearPass Policy Manager User Guide and

ClearPass Guest Deployment Guide.

Best Practices and Limitations

Apple iTunes Wi-Fi Synchronization and File Sharing

When the controller receives mDNS response for a service, the controller caches such records and does not

propagate to other users. But for services like iTunes Wi-Fi synchronization and File Sharing to work seamlessly,

such mDNS responses must be propagated to other users on the controller even if they do not query for it.

To ensure that applications such as iTunes Wi-Fi synchronization and File Sharing work seamlessly, ArubaOS

selectively forwards these mDNS responses to AirGroup users, based on the user-name CPPM policy of the

AirGroup server. Hence, for a customer to use these services, it is necessary to configure user-name based

CPPM policies for the AirGroup devices.

Firewall Configuration

The following firewall configuration settings are recommended:

Disable Inter-User Firewall Settings

Some firewall settings can prevent the untrusted clients from communicating with each other. When these

settings are enabled, an untrusted client such as an iPad may not be able to send its image to an Apple TV on

the same controller.

Use the following commands to disable the virtual AP global firewall options and allow Bonjour services to use

AirGroup.

l no firewall deny-inter-user-bridging

l no firewall deny-inter-user-traffic

l no ipv6 firewall deny-inter-user-bridging

ValidUser ACL Configuration

The ValidUser Access Control list (ACL) must allow mDNS packets with the source IP as a link local address. Do

not use a ValidUser ACL if the user VLAN interfaces of the AirGroup controller are not configured with an IP

address.

Allow GRE and UDP 5353

mDNS discovery uses the predefined port UDP 5353. If there is a firewall between the AirGroup controller and

WLAN controller, ensure that your firewall policies allow GRE and UDP 5353. DLNA uses the predefined port

UDP 1900.

Dell Networking W-Series ArubaOS 6.4.x | User Guide AirGroup | 950