Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsW-3200
131132133134135136137138139140
131 | Control Plane Security Dell Networking W-Series ArubaOS 6.4.x| User Guide
b. Select Radius Server to display the CPPM Server List.
c. To configure a CPPM server, enter the name for the server and click Add.
d. Select the name to configure server parameters. Select the Mode check box to activate the
authentication server.
e. Click Apply.
2. Create a server group that contains the CPPM server.
3. Navigate to Configuration > All Profile Management > Wireless LAN > VPN Authentication >
default-rap > Server Group.
4. Select the CPPM server from the Server Group drop-down list.
5. Click Apply.
To assign a CPPM server to a RAP that was initially an Instant AP:
1. Make sure that a CPPM server is configured on the controller.
2. Navigate to Configuration > All Profile Management > Wireless LAN > VPN Authentication >
default-iap > Server Group.
3. Select the CPPM server from the Server Group drop-down list.
4. Click Apply.
In the CLI
To add a CPPM server to a RAP:
Configure a radius server with CPPM server as host address. In this example cppm-rad is the CPPM server
name and cppm-sg is the server group name.
(host)(config) #aaa authentication-server radius cppm-rad
Add this server to a server group:
(host)(config) #aaa server-group cppm-sg
(host) (Server Group "cppm-sg") #auth-server cppm-rad
Add this server group to the default-rap vpn profile:
(host)(config) #aaa authentication vpn default-rap
(host)(VPN Authentication Profile "default-rap") #server-group cppm-sg
Managing Whitelists on Master and Local Controllers
Every controller using the control plane security feature maintains a campus AP whitelist, a local controller
whitelist and a master controller whitelist. The contents of these whitelists vary, depending upon the role of
the controller, as shown in the table below.