SlideShare une entreprise Scribd logo

Airheads Tech Talks: Cloud Guest SSID on Aruba Central

Télécharger en tant que PPTX, PDF
Aruba, a Hewlett Packard Enterprise company
Aruba, a Hewlett Packard Enterprise company

Aruba Central user may need a centralized web-server to host captive portal page for their distributed networks across the globe like coffee shops, restaurant or hotels. Aruba central 2.0 has a new feature called Cloud Guest or Guest Management that allows administrator to create a splash page for guest users using Web server and radius server running in the cloud. Check out the webinar recording where this presentation was used: https://community.arubanetworks.com/t5/Cloud-Managed-Networks/Airheads-Tech-Talks-Cloud-Guest-SSID-on-Aruba-Central/td-p/524320

Technologie
1  sur  24
#ArubaAirheads Airheads Tech Talks: Cloud Guest SSID on Aruba Central Akhil Rajendran
2#ArubaAirheads Agenda – Introduction to Cloud Guest. – How to configure. – Debugging on IAP. – Adding Visitor accounts to Cloud Guest. – Generating Reports from Central.
3#ArubaAirheads Architecture Cloud Guest Slave IAP DNS server naw1Master IAP Central Cluster formed Wireless client on guest SSID TCP port 2083 for RADIUS authentication for guest management. If 2083 port is blocked, the HTTPS protocol is used. TCP 443
4#ArubaAirheads Cloud Guest Types – Anonymous – Authenticated – Facebook Wifi
5#ArubaAirheads Cloud Guest Type - Anonymous – No credentials required. – Plain, simple captive portal login. – Guest password if required can be added to the login. – MAC Caching – No option to remove the saved mac-address as of now. – Session limit can be set. – URL whitelisting.
6#ArubaAirheads Config Pushed to Instant AP #show network -------- Profile Name ESSID Clients Type Band Authentication Method Key Management IP Assignment Status Zone Coding Active ------------ ----- ------- ---- ---- --------------------- -------------- ------------- ------ ---- ------ ------ Anonymous Anonymous 0 guest all External CP WPA2-AES NAT Mode Enabled - UTF-8 Yes #show network Anonymous | in ECP ECP Profile :Anonymous_#guest#_ #show external-captive-portal Anonymous_#guest#_ Name :Anonymous_#guest#_ Server :ap1.cloudguest.central.arubanetworks.com Port :443 Url :/portal/scope.cust-00bc49df203e4281907cf158062489da/Anonymous/capture Auth Text : Redirect Url : Server Fail Throuth :Disable Disable Auto Whitelist :Disable Use HTTPs :Yes Server Offload :No Prevent Frame Overlay :Disable In Used :Yes Redirect Mode :Yes Switch IP :No
7#ArubaAirheads Debugging on IAP #show clients Client List ----------- Name IP Address MAC Address OS ESSID Access Point Channel Type Role IPv6 Address Signal Speed (mbps) ---- ---------- ----------- -- ----- ------------ ------- ---- ---- ------------ ------ ------------ ak-phone 192.168.1.3 d8:1d:72:7d:75:67 iPhone Anonymous f0:5c:19:ca:3c:e8 149E AC Anonymous_#guest#_ fe80::1cef:a90:a9aa:5342 35(good) 325(good) Number of Clients :1 Post Authenticating: #show clients Client List ----------- Name IP Address MAC Address OS ESSID Access Point Channel Type Role IPv6 Address Signal Speed (mbps) ---- ---------- ----------- -- ----- ------------ ------- ---- ---- - ----------- ------ ------------ 0DKsDUXsQVS+qgmftddd+w==.D3TTaA 192.168.1.3 d8:1d:72:7d:75:67 iPhone Anonymous f0:5c:19:ca:3c:e8 149E AC Anonymous fe80::1ceaf:a90:a9aa:5342 41(good) 433(good) Number of Clients :1
8#ArubaAirheads There are 2 radius servers pushed from Central to Instant AP. “AS1_#guest#_” uses RADSEC protocol – tcp 2083 to 35.154.164.176. “AS2_#guest#_” uses https protocol – tcp 443 to 13.126.228.244. #show radius status Radius server status ------------------------------------ Name Server IP Source IP Server Name Protocol Port NAS IP Connected sockets Status Last connection tried at Next connection at ---- --------- --------- ----------- -------- ---- ------ ------ ----------- ------ ------------------------ ------------------ AS2_#guest#_ 13.126.228.244 192.168.1.12 ap1-elb.cloudguest.central.arubanetworks.com RADIUS/TLS 443 192.168.1.12 1 CONNECTED 2019-03-21 14:08:58.184913 Not Applicable AS1_#guest#_ 35.154.164.176 192.168.1.12 ap1.cloudguest.central.arubanetworks.com RADIUS/TLS 2083 192.168.1.12 1 CONNECTED 2019-03-21 14:08:58.188131 Not Applicable All the radius request would be sent to AS1 as it is first in order. In any event tcp 2083 is blocked, radius request would be redirected to AS2.
9#ArubaAirheads #show radius status Radius server status -------------------- Name Server IP Source IP Server Name Protocol Port NAS IP Connected sockets Status Last connection tried at Next connection at ---- --------- --------- ----------- -------- ---- ------ ------ ----------- ------ ------------------------ ------------------ AS2_#guest#_ 13.126.228.244 192.168.1.12 ap1-elb.cloudguest.central.arubanetworks.com RADIUS/TLS 443 192.168.1.12 1 CONNECTED 2019-03-21 14:08:58.184913 Not Applicable AS1_#guest#_ 35.154.164.176 192.168.1.12 ap1.cloudguest.central.arubanetworks.com RADIUS/TLS 2083 192.168.1.12 0 INIT 2019-03-21 15:12:10.667178 2019-03-21 15:12:20.10667178
10#ArubaAirheads Client’s session to the cloudguest URL: # show datapath session | include 35.154.164.176 35.154.164.176 192.168.1.3 6 443 62144 0 0 0 1 dev20 6d F 192.168.1.3 35.154.164.176 6 62144 443 0 0 0 1 dev20 6d FC IAP’s attempt to contact AS1: # show datapath session | include 35.154.164.176 35.154.164.176 192.168.1.12 6 2083 53511 0 0 0 1 local 51 Y 192.168.1.12 35.154.164.176 6 53511 2083 0 0 0 1 local 51 C IAP communicates with AS2: # show datapath session | include 13.126.228.244 13.126.228.244 192.168.1.12 6 443 57852 0 0 0 1 local 49c2 192.168.1.12 13.126.228.244 6 57852 443 0 0 0 1 local 49c2 C
11#ArubaAirheads Security debug logs from IAP: When radsec establishes: # show log security | in AS1 Mar 21 15:28:02 stm[4409]: <124004> <DBUG> |AP f0:5c:19:ca:3c:e8@192.168.1.12 stm| Starting SSL connection to server AS1_#guest#_ ip 35.154.164.176 port 2083 Mar 21 15:28:02 stm[4409]: <124004> <DBUG> |AP f0:5c:19:ca:3c:e8@192.168.1.12 stm| TLS connection succeeded to AS1_#guest#_ Mar 21 15:28:02 stm[4409]: <124004> <DBUG> |AP f0:5c:19:ca:3c:e8@192.168.1.12 stm| check and send queued requests to server AS1_#guest#_ on socket 13 Mar 21 15:28:24 stm[4409]: <124004> <DBUG> |AP f0:5c:19:ca:3c:e8@192.168.1.12 stm| status server processed for server AS1_#guest#_ When radsec fails: # show log security | in AS1 Mar 21 15:31:56 stm[4409]: <124004> <DBUG> |AP f0:5c:19:ca:3c:e8@192.168.1.12 stm| SSL socket not available for server,creating: AS1_#guest#_ Mar 21 15:31:56 stm[4409]: <124004> <DBUG> |AP f0:5c:19:ca:3c:e8@192.168.1.12 stm| Resolve DNS for server AS1_#guest#_ with cmd /aruba/bin/dns_resolv ap1.cloudguest.central.arubanetworks.com Mar 21 15:31:56 stm[4409]: <124004> <DBUG> |AP f0:5c:19:ca:3c:e8@192.168.1.12 stm| Starting SSL connection to server AS1_#guest#_ ip 35.154.164.176 port 2083 Mar 21 15:31:56 stm[4409]: <199802> <ERRS> |AP f0:5c:19:ca:3c:e8@192.168.1.12 stm| rc_rad_tls.c, radsec_resume_connection:1079: TCP connect to server AS1_#guest#_ failed to establish TLS connection to server AS1_#guest#_. Retry in 320 seconds
12#ArubaAirheads When both servers are down use the option ‘Allow Internet In Failure’. #show external-captive-portal Anonymous_#guest#_ Name :Anonymous_#guest#_ Server :ap1.cloudguest.central.arubanetworks.com Port :443 Url :/portal/scope.cust-00bc49df203e4281907cf158062489da/Anonymous/capture Auth Text : Redirect Url : Server Fail Throuth :Disable / Enable Disable Auto Whitelist :Disable Use HTTPs :Yes Server Offload :No Prevent Frame Overlay :Disable In Used :Yes Redirect Mode :Yes Switch IP :No
13#ArubaAirheads URL Whitelisting: # show access-rule Anonymous_#guest#_ Access Rules ------------ Dest IP Dest Mask Eth Type Dest Match Protocol (id:sport:eport) Application Action Log TOS 802.1P Blacklist App Throttle (Up:Down) Mirror DisScan ClassifyMedia ------- --------- -------- ---------- ------------------------- ----------- ------ --- --- ------ --------- ---------------------- ------ ------- ------------- alias cnn.com IPv4/6 match https permit alias bbc.com IPv4/6 match https permit Session Timeout # show ap debug auth-tracebuf Mar 22 09:29:19 cp-pap-auth-request -> 68:c4:4d:89:b8:44 f0:5c:19:23:ce:81/AS1_#guest#_ - - yzTmsIWkQViqzA1e2ghwKA==.D3XvFg Mar 22 09:29:19 cp-pap-auth-success <- 68:c4:4d:89:b8:44 f0:5c:19:23:ce:81/AS1_#guest#_ - - success Mar 22 09:29:19 rad-acct-start -> 68:c4:4d:89:b8:44 f0:5c:19:23:ce:81 - - Mar 22 09:29:35 rad-acct-int-update -> 68:c4:4d:89:b8:44 f0:5c:19:23:ce:81 - - Mar 22 09:31:17 rad-acct-stop -> 68:c4:4d:89:b8:44 f0:5c:19:23:ce:81 - -
14#ArubaAirheads Cloud Guest Type - Authenticated – Username/Password along with email and phone based verification. – Social login – Facebook, Google+, Twitter, Linkedin
15#ArubaAirheads Facebook login
16#ArubaAirheads # show clients Client List ----------- Name IP Address MAC Address OS ESSID Access Point Channel Type Role IPv6 Address Signal Speed (mbps) ---- ---------- ----------- -- ----- ------------ ------- ---- ---- ---- -------- ------ ------------ 5U7/JrfqQbqM7WeigqIzOw==.D3VW0A 192.168.1.5 68:c4:4d:89:b8:44 Linux Facebook f0:5c:19:ca:3c:e8 6 GN Facebook fe80::6ac4:4dff:fe89:b844 40(good) 52(good) # show access-rule Facebook Access Rules ------------ Dest IP Dest Mask Eth Type Dest Match Protocol (id:sport:eport) Application Action Log TOS 802.1P Blacklist App Throttle (Up:Down) Mirror DisScan ClassifyMedia ------- --------- -------- ---------- ------------------------- ----------- ------ --- --- ------ --------- ----------- ----------- ------ ------- ------------- any any IPv4/6 match any permit
17#ArubaAirheads
18#ArubaAirheads Self Registration Workflow for Apple CNA Captive portal detection URL’s: – http://www.apple.com/library/test/success.html – http://captive.apple.com/hotspot-detect.html
19#ArubaAirheads Error: ’Sponsor not authorized’
20#ArubaAirheads Session Limit / Data Limit # show ap debug auth-trace-buf Mar 22 13:13:07 cp-pap-auth-request -> d8:1d:72:7d:75:67 f0:5c:19:23:ce:93/AS1_#guest#_ - - T2jV0x48TAuTCk/7KYNn6g==.D3Yjig Mar 22 13:13:07 cp-pap-auth-success <- d8:1d:72:7d:75:67 f0:5c:19:23:ce:93/AS1_#guest#_ - - success Mar 22 13:13:07 rad-acct-start -> d8:1d:72:7d:75:67 f0:5c:19:23:ce:93 - - Mar 22 13:15:17 rad-acct-int-update -> d8:1d:72:7d:75:67 f0:5c:19:23:ce:93 - - Mar 22 13:15:25 rad-acct-stop -> d8:1d:72:7d:75:67 f0:5c:19:23:ce:93 - - # show clients Client List ----------- Name IP Address MAC Address OS ESSID Access Point Channel Type Role IPv6 Address Signal Speed (mbps) ---- ---------- ----------- -- ----- ------------ ------- ---- ---- ------ ------ ------ ------------ ak-iphone 192.168.1.3 d8:1d:72:7d:75:67 Social f0:5c:19:ca:3c:e8 52E AC Social_#guest#_ fe80::c77:cc59:6a3f:df9 25(good) 433(good)
21#ArubaAirheads Facebook Wifi
22#ArubaAirheads Cloud Guest - Visitors – Generate accounts that can be given to guests. – Cannot be configured at MSP level. – Visitor accounts can be created for username/password login. – Visitor accounts can be modified and new password can be sent via SMS or email.
23#ArubaAirheads Reports – Reports can be pulled from Central to have track of various parameters like: – Client usage – Application usage – Client sessions – Can be automated or ran as and when required. – Report can be downloaded or sent to any email addresses.
24#ArubaAirheads Thank You Q & A

Recommandé

Base Designs Lab Setup for Validated Reference Design
Base Designs Lab Setup for Validated Reference DesignBase Designs Lab Setup for Validated Reference Design
Base Designs Lab Setup for Validated Reference DesignAruba, a Hewlett Packard Enterprise company
 
Guest Access with ArubaOS
Guest Access with ArubaOSGuest Access with ArubaOS
Guest Access with ArubaOSAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- ArubaOS - High availability with AP Fast Failover
EMEA Airheads- ArubaOS - High availability with AP Fast FailoverEMEA Airheads- ArubaOS - High availability with AP Fast Failover
EMEA Airheads- ArubaOS - High availability with AP Fast FailoverAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads_ Advance Aruba Central
EMEA Airheads_ Advance Aruba CentralEMEA Airheads_ Advance Aruba Central
EMEA Airheads_ Advance Aruba CentralAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Troubleshooting 802.1x issues
EMEA Airheads- Troubleshooting 802.1x issuesEMEA Airheads- Troubleshooting 802.1x issues
EMEA Airheads- Troubleshooting 802.1x issuesAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Aruba Instant AP- VPN Troubleshooting
EMEA Airheads- Aruba Instant AP- VPN TroubleshootingEMEA Airheads- Aruba Instant AP- VPN Troubleshooting
EMEA Airheads- Aruba Instant AP- VPN TroubleshootingAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- ArubaOS - Rogue AP troubleshooting
EMEA Airheads- ArubaOS - Rogue AP troubleshootingEMEA Airheads- ArubaOS - Rogue AP troubleshooting
EMEA Airheads- ArubaOS - Rogue AP troubleshootingAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster ManagerEMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster ManagerAruba, a Hewlett Packard Enterprise company
 

Recommandé

Base Designs Lab Setup for Validated Reference Design
Base Designs Lab Setup for Validated Reference DesignBase Designs Lab Setup for Validated Reference Design
Base Designs Lab Setup for Validated Reference DesignAruba, a Hewlett Packard Enterprise company
 
Guest Access with ArubaOS
Guest Access with ArubaOSGuest Access with ArubaOS
Guest Access with ArubaOSAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- ArubaOS - High availability with AP Fast Failover
EMEA Airheads- ArubaOS - High availability with AP Fast FailoverEMEA Airheads- ArubaOS - High availability with AP Fast Failover
EMEA Airheads- ArubaOS - High availability with AP Fast FailoverAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads_ Advance Aruba Central
EMEA Airheads_ Advance Aruba CentralEMEA Airheads_ Advance Aruba Central
EMEA Airheads_ Advance Aruba CentralAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Troubleshooting 802.1x issues
EMEA Airheads- Troubleshooting 802.1x issuesEMEA Airheads- Troubleshooting 802.1x issues
EMEA Airheads- Troubleshooting 802.1x issuesAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Aruba Instant AP- VPN Troubleshooting
EMEA Airheads- Aruba Instant AP- VPN TroubleshootingEMEA Airheads- Aruba Instant AP- VPN Troubleshooting
EMEA Airheads- Aruba Instant AP- VPN TroubleshootingAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- ArubaOS - Rogue AP troubleshooting
EMEA Airheads- ArubaOS - Rogue AP troubleshootingEMEA Airheads- ArubaOS - Rogue AP troubleshooting
EMEA Airheads- ArubaOS - Rogue AP troubleshootingAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster ManagerEMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster ManagerAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads How licensing works in Aruba OS 8.x
EMEA Airheads How licensing works in Aruba OS 8.xEMEA Airheads How licensing works in Aruba OS 8.x
EMEA Airheads How licensing works in Aruba OS 8.xAruba, a Hewlett Packard Enterprise company
 
Managing and Optimizing RF Spectrum for Aruba WLANs
Managing and Optimizing RF Spectrum for Aruba WLANsManaging and Optimizing RF Spectrum for Aruba WLANs
Managing and Optimizing RF Spectrum for Aruba WLANsAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Aruba Central with Instant AP
EMEA Airheads- Aruba Central with Instant APEMEA Airheads- Aruba Central with Instant AP
EMEA Airheads- Aruba Central with Instant APAruba, a Hewlett Packard Enterprise company
 
Airheads Tech Talks: Advanced Clustering in AOS 8.x
Airheads Tech Talks: Advanced Clustering in AOS 8.xAirheads Tech Talks: Advanced Clustering in AOS 8.x
Airheads Tech Talks: Advanced Clustering in AOS 8.xAruba, a Hewlett Packard Enterprise company
 
Advanced rf troubleshooting_peter lane
Advanced rf troubleshooting_peter laneAdvanced rf troubleshooting_peter lane
Advanced rf troubleshooting_peter laneAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.xEMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.xAruba, a Hewlett Packard Enterprise company
 
Useful cli commands v1
Useful cli commands v1Useful cli commands v1
Useful cli commands v1Aruba, a Hewlett Packard Enterprise company
 
Aruba 802.11n Networks Validated Reference Design
Aruba 802.11n Networks Validated Reference DesignAruba 802.11n Networks Validated Reference Design
Aruba 802.11n Networks Validated Reference DesignAruba, a Hewlett Packard Enterprise company
 
Aruba Mobility Controller 7200 Installation Guide
Aruba Mobility Controller 7200 Installation GuideAruba Mobility Controller 7200 Installation Guide
Aruba Mobility Controller 7200 Installation GuideAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads - Aruba Remote Access Point (RAP) Troubleshooting
EMEA Airheads - Aruba Remote Access Point (RAP) TroubleshootingEMEA Airheads - Aruba Remote Access Point (RAP) Troubleshooting
EMEA Airheads - Aruba Remote Access Point (RAP) TroubleshootingAruba, a Hewlett Packard Enterprise company
 
Access Management with Aruba ClearPass
Access Management with Aruba ClearPassAccess Management with Aruba ClearPass
Access Management with Aruba ClearPassAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Instant AP traffic optimization
EMEA Airheads- Instant AP traffic optimizationEMEA Airheads- Instant AP traffic optimization
EMEA Airheads- Instant AP traffic optimizationAruba, a Hewlett Packard Enterprise company
 
WLAN Design for Location, Voice & Video
WLAN Design for Location, Voice & VideoWLAN Design for Location, Voice & Video
WLAN Design for Location, Voice & VideoAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads - What does AirMatch do differently?v2
EMEA Airheads - What does AirMatch do differently?v2 EMEA Airheads - What does AirMatch do differently?v2
EMEA Airheads - What does AirMatch do differently?v2Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads - AP Discovery Logic and AP Deployment
EMEA Airheads - AP Discovery Logic and AP DeploymentEMEA Airheads - AP Discovery Logic and AP Deployment
EMEA Airheads - AP Discovery Logic and AP DeploymentAruba, a Hewlett Packard Enterprise company
 
Air group tb 080112_final
Air group tb 080112_finalAir group tb 080112_final
Air group tb 080112_finalAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Instant AP- Instant AP Best Practice Configuration
EMEA Airheads- Instant AP- Instant AP Best Practice ConfigurationEMEA Airheads- Instant AP- Instant AP Best Practice Configuration
EMEA Airheads- Instant AP- Instant AP Best Practice ConfigurationAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads - Multi zone ap and centralized image upgrade
EMEA Airheads - Multi zone ap and centralized image upgradeEMEA Airheads - Multi zone ap and centralized image upgrade
EMEA Airheads - Multi zone ap and centralized image upgradeAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads - Configuring different APIs in Aruba 8.x
EMEA Airheads - Configuring different APIs in Aruba 8.x EMEA Airheads - Configuring different APIs in Aruba 8.x
EMEA Airheads - Configuring different APIs in Aruba 8.x Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.xEMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.xAruba, a Hewlett Packard Enterprise company
 
Ipsec
IpsecIpsec
IpsecEddy Barzallo
 
Deep Dive: Amazon Virtual Private Cloud
Deep Dive: Amazon Virtual Private CloudDeep Dive: Amazon Virtual Private Cloud
Deep Dive: Amazon Virtual Private CloudAmazon Web Services
 

Contenu connexe

Tendances

Tendances (20)

EMEA Airheads How licensing works in Aruba OS 8.x
EMEA Airheads How licensing works in Aruba OS 8.xEMEA Airheads How licensing works in Aruba OS 8.x
EMEA Airheads How licensing works in Aruba OS 8.x
 
Managing and Optimizing RF Spectrum for Aruba WLANs
Managing and Optimizing RF Spectrum for Aruba WLANsManaging and Optimizing RF Spectrum for Aruba WLANs
Managing and Optimizing RF Spectrum for Aruba WLANs
 
EMEA Airheads- Aruba Central with Instant AP
EMEA Airheads- Aruba Central with Instant APEMEA Airheads- Aruba Central with Instant AP
EMEA Airheads- Aruba Central with Instant AP
 
Airheads Tech Talks: Advanced Clustering in AOS 8.x
Airheads Tech Talks: Advanced Clustering in AOS 8.xAirheads Tech Talks: Advanced Clustering in AOS 8.x
Airheads Tech Talks: Advanced Clustering in AOS 8.x
 
Advanced rf troubleshooting_peter lane
Advanced rf troubleshooting_peter laneAdvanced rf troubleshooting_peter lane
Advanced rf troubleshooting_peter lane
 
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.xEMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
 
Useful cli commands v1
Useful cli commands v1Useful cli commands v1
Useful cli commands v1
 
Aruba 802.11n Networks Validated Reference Design
Aruba 802.11n Networks Validated Reference DesignAruba 802.11n Networks Validated Reference Design
Aruba 802.11n Networks Validated Reference Design
 
Aruba Mobility Controller 7200 Installation Guide
Aruba Mobility Controller 7200 Installation GuideAruba Mobility Controller 7200 Installation Guide
Aruba Mobility Controller 7200 Installation Guide
 
EMEA Airheads - Aruba Remote Access Point (RAP) Troubleshooting
EMEA Airheads - Aruba Remote Access Point (RAP) TroubleshootingEMEA Airheads - Aruba Remote Access Point (RAP) Troubleshooting
EMEA Airheads - Aruba Remote Access Point (RAP) Troubleshooting
 
Access Management with Aruba ClearPass
Access Management with Aruba ClearPassAccess Management with Aruba ClearPass
Access Management with Aruba ClearPass
 
EMEA Airheads- Instant AP traffic optimization
EMEA Airheads- Instant AP traffic optimizationEMEA Airheads- Instant AP traffic optimization
EMEA Airheads- Instant AP traffic optimization
 
WLAN Design for Location, Voice & Video
WLAN Design for Location, Voice & VideoWLAN Design for Location, Voice & Video
WLAN Design for Location, Voice & Video
 
EMEA Airheads - What does AirMatch do differently?v2
EMEA Airheads - What does AirMatch do differently?v2 EMEA Airheads - What does AirMatch do differently?v2
EMEA Airheads - What does AirMatch do differently?v2
 
EMEA Airheads - AP Discovery Logic and AP Deployment
EMEA Airheads - AP Discovery Logic and AP DeploymentEMEA Airheads - AP Discovery Logic and AP Deployment
EMEA Airheads - AP Discovery Logic and AP Deployment
 
Air group tb 080112_final
Air group tb 080112_finalAir group tb 080112_final
Air group tb 080112_final
 
EMEA Airheads- Instant AP- Instant AP Best Practice Configuration
EMEA Airheads- Instant AP- Instant AP Best Practice ConfigurationEMEA Airheads- Instant AP- Instant AP Best Practice Configuration
EMEA Airheads- Instant AP- Instant AP Best Practice Configuration
 
EMEA Airheads - Multi zone ap and centralized image upgrade
EMEA Airheads - Multi zone ap and centralized image upgradeEMEA Airheads - Multi zone ap and centralized image upgrade
EMEA Airheads - Multi zone ap and centralized image upgrade
 
EMEA Airheads - Configuring different APIs in Aruba 8.x
EMEA Airheads - Configuring different APIs in Aruba 8.x EMEA Airheads - Configuring different APIs in Aruba 8.x
EMEA Airheads - Configuring different APIs in Aruba 8.x
 
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.xEMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
 

Similaire à Airheads Tech Talks: Cloud Guest SSID on Aruba Central

Deep Dive: Amazon Virtual Private Cloud
Deep Dive: Amazon Virtual Private CloudDeep Dive: Amazon Virtual Private Cloud
Deep Dive: Amazon Virtual Private CloudAmazon Web Services
 
Modul dhcp server menggunakan mikrotik os
Modul dhcp server menggunakan mikrotik osModul dhcp server menggunakan mikrotik os
Modul dhcp server menggunakan mikrotik osEen Pahlefi
 
Deep Dive: Amazon Virtual Private Cloud
Deep Dive: Amazon Virtual Private CloudDeep Dive: Amazon Virtual Private Cloud
Deep Dive: Amazon Virtual Private CloudAmazon Web Services
 
Deep Dive: Amazon Virtual Private Cloud
Deep Dive: Amazon Virtual Private CloudDeep Dive: Amazon Virtual Private Cloud
Deep Dive: Amazon Virtual Private CloudAmazon Web Services
 
Deep Dive - Amazon Virtual Private Cloud (VPC)
Deep Dive - Amazon Virtual Private Cloud (VPC)Deep Dive - Amazon Virtual Private Cloud (VPC)
Deep Dive - Amazon Virtual Private Cloud (VPC)Amazon Web Services
 
6th floorsharingsession ep 1 - networking - arp v 1.0
6th floorsharingsession ep 1 - networking - arp v 1.06th floorsharingsession ep 1 - networking - arp v 1.0
6th floorsharingsession ep 1 - networking - arp v 1.0A Achyar Nur
 
HTTP logging met Varnishlog - PHPWVL 2022
HTTP logging met Varnishlog - PHPWVL 2022HTTP logging met Varnishlog - PHPWVL 2022
HTTP logging met Varnishlog - PHPWVL 2022Thijs Feryn
 
Implementation of DNS Anycast - a case study
Implementation of DNS Anycast - a case studyImplementation of DNS Anycast - a case study
Implementation of DNS Anycast - a case studyA. S. M. Shamim Reza
 
Reverse engineering Swisscom's Centro Grande Modem
Reverse engineering Swisscom's Centro Grande ModemReverse engineering Swisscom's Centro Grande Modem
Reverse engineering Swisscom's Centro Grande ModemCyber Security Alliance
 
tips_breakout-airheads-macau-2013-top-10-tips-from-aruba-tac.pdf
tips_breakout-airheads-macau-2013-top-10-tips-from-aruba-tac.pdftips_breakout-airheads-macau-2013-top-10-tips-from-aruba-tac.pdf
tips_breakout-airheads-macau-2013-top-10-tips-from-aruba-tac.pdfssuser47d3271
 
Ak13 upgrade
Ak13 upgradeAk13 upgrade
Ak13 upgradeAccenture
 
(NET404) Making Every Packet Count
(NET404) Making Every Packet Count(NET404) Making Every Packet Count
(NET404) Making Every Packet CountAmazon Web Services
 
Configure Cisco Routers for Syslog, NTP, and SSH Operations
Configure Cisco Routers for Syslog, NTP, and SSH Operations Configure Cisco Routers for Syslog, NTP, and SSH Operations
Configure Cisco Routers for Syslog, NTP, and SSH Operations Kelson Silva
 
05 module managing your network enviornment
05 module managing your network enviornment05 module managing your network enviornment
05 module managing your network enviornmentAsif
 

Similaire à Airheads Tech Talks: Cloud Guest SSID on Aruba Central (20)

Ipsec
IpsecIpsec
Ipsec
 
Deep Dive: Amazon Virtual Private Cloud
Deep Dive: Amazon Virtual Private CloudDeep Dive: Amazon Virtual Private Cloud
Deep Dive: Amazon Virtual Private Cloud
 
Modul dhcp server menggunakan mikrotik os
Modul dhcp server menggunakan mikrotik osModul dhcp server menggunakan mikrotik os
Modul dhcp server menggunakan mikrotik os
 
Breakout - Airheads Macau 2013 - Top 10 Tips from Aruba TAC
Breakout - Airheads Macau 2013 - Top 10 Tips from Aruba TAC Breakout - Airheads Macau 2013 - Top 10 Tips from Aruba TAC
Breakout - Airheads Macau 2013 - Top 10 Tips from Aruba TAC
 
Deep Dive: Amazon Virtual Private Cloud
Deep Dive: Amazon Virtual Private CloudDeep Dive: Amazon Virtual Private Cloud
Deep Dive: Amazon Virtual Private Cloud
 
Deep Dive: Amazon Virtual Private Cloud
Deep Dive: Amazon Virtual Private CloudDeep Dive: Amazon Virtual Private Cloud
Deep Dive: Amazon Virtual Private Cloud
 
1-300-206 (SENSS)=Firewall (642-618)
1-300-206 (SENSS)=Firewall (642-618) 1-300-206 (SENSS)=Firewall (642-618)
1-300-206 (SENSS)=Firewall (642-618)
 
Deep Dive - Amazon Virtual Private Cloud (VPC)
Deep Dive - Amazon Virtual Private Cloud (VPC)Deep Dive - Amazon Virtual Private Cloud (VPC)
Deep Dive - Amazon Virtual Private Cloud (VPC)
 
6th floorsharingsession ep 1 - networking - arp v 1.0
6th floorsharingsession ep 1 - networking - arp v 1.06th floorsharingsession ep 1 - networking - arp v 1.0
6th floorsharingsession ep 1 - networking - arp v 1.0
 
Network Security Best Practice (BCP38 & 140)
Network Security Best Practice (BCP38 & 140) Network Security Best Practice (BCP38 & 140)
Network Security Best Practice (BCP38 & 140)
 
HTTP logging met Varnishlog - PHPWVL 2022
HTTP logging met Varnishlog - PHPWVL 2022HTTP logging met Varnishlog - PHPWVL 2022
HTTP logging met Varnishlog - PHPWVL 2022
 
Implementation of DNS Anycast - a case study
Implementation of DNS Anycast - a case studyImplementation of DNS Anycast - a case study
Implementation of DNS Anycast - a case study
 
Reverse engineering Swisscom's Centro Grande Modem
Reverse engineering Swisscom's Centro Grande ModemReverse engineering Swisscom's Centro Grande Modem
Reverse engineering Swisscom's Centro Grande Modem
 
EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)
 
tips_breakout-airheads-macau-2013-top-10-tips-from-aruba-tac.pdf
tips_breakout-airheads-macau-2013-top-10-tips-from-aruba-tac.pdftips_breakout-airheads-macau-2013-top-10-tips-from-aruba-tac.pdf
tips_breakout-airheads-macau-2013-top-10-tips-from-aruba-tac.pdf
 
Ak13 upgrade
Ak13 upgradeAk13 upgrade
Ak13 upgrade
 
(NET404) Making Every Packet Count
(NET404) Making Every Packet Count(NET404) Making Every Packet Count
(NET404) Making Every Packet Count
 
Configure Cisco Routers for Syslog, NTP, and SSH Operations
Configure Cisco Routers for Syslog, NTP, and SSH Operations Configure Cisco Routers for Syslog, NTP, and SSH Operations
Configure Cisco Routers for Syslog, NTP, and SSH Operations
 
Pycon - Python for ethical hackers
Pycon - Python for ethical hackers Pycon - Python for ethical hackers
Pycon - Python for ethical hackers
 
05 module managing your network enviornment
05 module managing your network enviornment05 module managing your network enviornment
05 module managing your network enviornment
 

Plus de Aruba, a Hewlett Packard Enterprise company

EMEA Airheads– Aruba Clarity. Because a Wi-Fi Problem's Often Not a "Wi-Fi" P...
EMEA Airheads– Aruba Clarity. Because a Wi-Fi Problem's Often Not a "Wi-Fi" P...EMEA Airheads– Aruba Clarity. Because a Wi-Fi Problem's Often Not a "Wi-Fi" P...
EMEA Airheads– Aruba Clarity. Because a Wi-Fi Problem's Often Not a "Wi-Fi" P...Aruba, a Hewlett Packard Enterprise company
 

Plus de Aruba, a Hewlett Packard Enterprise company (15)

Airheads Tech Talks: Understanding ClearPass OnGuard Agents
Airheads Tech Talks: Understanding ClearPass OnGuard AgentsAirheads Tech Talks: Understanding ClearPass OnGuard Agents
Airheads Tech Talks: Understanding ClearPass OnGuard Agents
 
EMEA Airheads- Switch stacking_ ArubaOS Switch
EMEA Airheads- Switch stacking_ ArubaOS SwitchEMEA Airheads- Switch stacking_ ArubaOS Switch
EMEA Airheads- Switch stacking_ ArubaOS Switch
 
EMEA Airheads- LACP and distributed LACP – ArubaOS Switch
EMEA Airheads- LACP and distributed LACP – ArubaOS SwitchEMEA Airheads- LACP and distributed LACP – ArubaOS Switch
EMEA Airheads- LACP and distributed LACP – ArubaOS Switch
 
Introduction to AirWave 10
Introduction to AirWave 10Introduction to AirWave 10
Introduction to AirWave 10
 
EMEA Airheads- Virtual Switching Framework- Aruba OS Switch
EMEA Airheads- Virtual Switching Framework- Aruba OS SwitchEMEA Airheads- Virtual Switching Framework- Aruba OS Switch
EMEA Airheads- Virtual Switching Framework- Aruba OS Switch
 
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.xEMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
 
EMEA Airheads- Getting Started with the ClearPass REST API – CPPM
EMEA Airheads- Getting Started with the ClearPass REST API – CPPMEMEA Airheads- Getting Started with the ClearPass REST API – CPPM
EMEA Airheads- Getting Started with the ClearPass REST API – CPPM
 
Airheads Meetups: 8400 Presentation
Airheads Meetups: 8400 PresentationAirheads Meetups: 8400 Presentation
Airheads Meetups: 8400 Presentation
 
Airheads Meetups: Ekahau Presentation
Airheads Meetups: Ekahau PresentationAirheads Meetups: Ekahau Presentation
Airheads Meetups: Ekahau Presentation
 
Airheads Meetups- High density WLAN
Airheads Meetups- High density WLANAirheads Meetups- High density WLAN
Airheads Meetups- High density WLAN
 
Airheads Meetups- Avans Hogeschool goes Aruba
Airheads Meetups- Avans Hogeschool goes ArubaAirheads Meetups- Avans Hogeschool goes Aruba
Airheads Meetups- Avans Hogeschool goes Aruba
 
Bringing up Aruba Mobility Master, Managed Device & Access Point
Bringing up Aruba Mobility Master, Managed Device & Access PointBringing up Aruba Mobility Master, Managed Device & Access Point
Bringing up Aruba Mobility Master, Managed Device & Access Point
 
EMEA Airheads- Aruba 8.x Architecture overview & UI Navigation
EMEA Airheads- Aruba 8.x Architecture overview & UI NavigationEMEA Airheads- Aruba 8.x Architecture overview & UI Navigation
EMEA Airheads- Aruba 8.x Architecture overview & UI Navigation
 
EMEA Airheads– Aruba Clarity. Because a Wi-Fi Problem's Often Not a "Wi-Fi" P...
EMEA Airheads– Aruba Clarity. Because a Wi-Fi Problem's Often Not a "Wi-Fi" P...EMEA Airheads– Aruba Clarity. Because a Wi-Fi Problem's Often Not a "Wi-Fi" P...
EMEA Airheads– Aruba Clarity. Because a Wi-Fi Problem's Often Not a "Wi-Fi" P...
 
EMEA Airheads- ClearPass extensions and how they can help
EMEA Airheads- ClearPass extensions and how they can helpEMEA Airheads- ClearPass extensions and how they can help
EMEA Airheads- ClearPass extensions and how they can help
 

Dernier

MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 

Dernier (20)

MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 

Airheads Tech Talks: Cloud Guest SSID on Aruba Central

  • 1. #ArubaAirheads Airheads Tech Talks: Cloud Guest SSID on Aruba Central Akhil Rajendran
  • 2. 2#ArubaAirheads Agenda – Introduction to Cloud Guest. – How to configure. – Debugging on IAP. – Adding Visitor accounts to Cloud Guest. – Generating Reports from Central.
  • 3. 3#ArubaAirheads Architecture Cloud Guest Slave IAP DNS server naw1Master IAP Central Cluster formed Wireless client on guest SSID TCP port 2083 for RADIUS authentication for guest management. If 2083 port is blocked, the HTTPS protocol is used. TCP 443
  • 4. 4#ArubaAirheads Cloud Guest Types – Anonymous – Authenticated – Facebook Wifi
  • 5. 5#ArubaAirheads Cloud Guest Type - Anonymous – No credentials required. – Plain, simple captive portal login. – Guest password if required can be added to the login. – MAC Caching – No option to remove the saved mac-address as of now. – Session limit can be set. – URL whitelisting.
  • 6. 6#ArubaAirheads Config Pushed to Instant AP #show network -------- Profile Name ESSID Clients Type Band Authentication Method Key Management IP Assignment Status Zone Coding Active ------------ ----- ------- ---- ---- --------------------- -------------- ------------- ------ ---- ------ ------ Anonymous Anonymous 0 guest all External CP WPA2-AES NAT Mode Enabled - UTF-8 Yes #show network Anonymous | in ECP ECP Profile :Anonymous_#guest#_ #show external-captive-portal Anonymous_#guest#_ Name :Anonymous_#guest#_ Server :ap1.cloudguest.central.arubanetworks.com Port :443 Url :/portal/scope.cust-00bc49df203e4281907cf158062489da/Anonymous/capture Auth Text : Redirect Url : Server Fail Throuth :Disable Disable Auto Whitelist :Disable Use HTTPs :Yes Server Offload :No Prevent Frame Overlay :Disable In Used :Yes Redirect Mode :Yes Switch IP :No
  • 7. 7#ArubaAirheads Debugging on IAP #show clients Client List ----------- Name IP Address MAC Address OS ESSID Access Point Channel Type Role IPv6 Address Signal Speed (mbps) ---- ---------- ----------- -- ----- ------------ ------- ---- ---- ------------ ------ ------------ ak-phone 192.168.1.3 d8:1d:72:7d:75:67 iPhone Anonymous f0:5c:19:ca:3c:e8 149E AC Anonymous_#guest#_ fe80::1cef:a90:a9aa:5342 35(good) 325(good) Number of Clients :1 Post Authenticating: #show clients Client List ----------- Name IP Address MAC Address OS ESSID Access Point Channel Type Role IPv6 Address Signal Speed (mbps) ---- ---------- ----------- -- ----- ------------ ------- ---- ---- - ----------- ------ ------------ 0DKsDUXsQVS+qgmftddd+w==.D3TTaA 192.168.1.3 d8:1d:72:7d:75:67 iPhone Anonymous f0:5c:19:ca:3c:e8 149E AC Anonymous fe80::1ceaf:a90:a9aa:5342 41(good) 433(good) Number of Clients :1
  • 8. 8#ArubaAirheads There are 2 radius servers pushed from Central to Instant AP. “AS1_#guest#_” uses RADSEC protocol – tcp 2083 to 35.154.164.176. “AS2_#guest#_” uses https protocol – tcp 443 to 13.126.228.244. #show radius status Radius server status ------------------------------------ Name Server IP Source IP Server Name Protocol Port NAS IP Connected sockets Status Last connection tried at Next connection at ---- --------- --------- ----------- -------- ---- ------ ------ ----------- ------ ------------------------ ------------------ AS2_#guest#_ 13.126.228.244 192.168.1.12 ap1-elb.cloudguest.central.arubanetworks.com RADIUS/TLS 443 192.168.1.12 1 CONNECTED 2019-03-21 14:08:58.184913 Not Applicable AS1_#guest#_ 35.154.164.176 192.168.1.12 ap1.cloudguest.central.arubanetworks.com RADIUS/TLS 2083 192.168.1.12 1 CONNECTED 2019-03-21 14:08:58.188131 Not Applicable All the radius request would be sent to AS1 as it is first in order. In any event tcp 2083 is blocked, radius request would be redirected to AS2.
  • 9. 9#ArubaAirheads #show radius status Radius server status -------------------- Name Server IP Source IP Server Name Protocol Port NAS IP Connected sockets Status Last connection tried at Next connection at ---- --------- --------- ----------- -------- ---- ------ ------ ----------- ------ ------------------------ ------------------ AS2_#guest#_ 13.126.228.244 192.168.1.12 ap1-elb.cloudguest.central.arubanetworks.com RADIUS/TLS 443 192.168.1.12 1 CONNECTED 2019-03-21 14:08:58.184913 Not Applicable AS1_#guest#_ 35.154.164.176 192.168.1.12 ap1.cloudguest.central.arubanetworks.com RADIUS/TLS 2083 192.168.1.12 0 INIT 2019-03-21 15:12:10.667178 2019-03-21 15:12:20.10667178
  • 10. 10#ArubaAirheads Client’s session to the cloudguest URL: # show datapath session | include 35.154.164.176 35.154.164.176 192.168.1.3 6 443 62144 0 0 0 1 dev20 6d F 192.168.1.3 35.154.164.176 6 62144 443 0 0 0 1 dev20 6d FC IAP’s attempt to contact AS1: # show datapath session | include 35.154.164.176 35.154.164.176 192.168.1.12 6 2083 53511 0 0 0 1 local 51 Y 192.168.1.12 35.154.164.176 6 53511 2083 0 0 0 1 local 51 C IAP communicates with AS2: # show datapath session | include 13.126.228.244 13.126.228.244 192.168.1.12 6 443 57852 0 0 0 1 local 49c2 192.168.1.12 13.126.228.244 6 57852 443 0 0 0 1 local 49c2 C
  • 11. 11#ArubaAirheads Security debug logs from IAP: When radsec establishes: # show log security | in AS1 Mar 21 15:28:02 stm[4409]: <124004> <DBUG> |AP f0:5c:19:ca:3c:e8@192.168.1.12 stm| Starting SSL connection to server AS1_#guest#_ ip 35.154.164.176 port 2083 Mar 21 15:28:02 stm[4409]: <124004> <DBUG> |AP f0:5c:19:ca:3c:e8@192.168.1.12 stm| TLS connection succeeded to AS1_#guest#_ Mar 21 15:28:02 stm[4409]: <124004> <DBUG> |AP f0:5c:19:ca:3c:e8@192.168.1.12 stm| check and send queued requests to server AS1_#guest#_ on socket 13 Mar 21 15:28:24 stm[4409]: <124004> <DBUG> |AP f0:5c:19:ca:3c:e8@192.168.1.12 stm| status server processed for server AS1_#guest#_ When radsec fails: # show log security | in AS1 Mar 21 15:31:56 stm[4409]: <124004> <DBUG> |AP f0:5c:19:ca:3c:e8@192.168.1.12 stm| SSL socket not available for server,creating: AS1_#guest#_ Mar 21 15:31:56 stm[4409]: <124004> <DBUG> |AP f0:5c:19:ca:3c:e8@192.168.1.12 stm| Resolve DNS for server AS1_#guest#_ with cmd /aruba/bin/dns_resolv ap1.cloudguest.central.arubanetworks.com Mar 21 15:31:56 stm[4409]: <124004> <DBUG> |AP f0:5c:19:ca:3c:e8@192.168.1.12 stm| Starting SSL connection to server AS1_#guest#_ ip 35.154.164.176 port 2083 Mar 21 15:31:56 stm[4409]: <199802> <ERRS> |AP f0:5c:19:ca:3c:e8@192.168.1.12 stm| rc_rad_tls.c, radsec_resume_connection:1079: TCP connect to server AS1_#guest#_ failed to establish TLS connection to server AS1_#guest#_. Retry in 320 seconds
  • 12. 12#ArubaAirheads When both servers are down use the option ‘Allow Internet In Failure’. #show external-captive-portal Anonymous_#guest#_ Name :Anonymous_#guest#_ Server :ap1.cloudguest.central.arubanetworks.com Port :443 Url :/portal/scope.cust-00bc49df203e4281907cf158062489da/Anonymous/capture Auth Text : Redirect Url : Server Fail Throuth :Disable / Enable Disable Auto Whitelist :Disable Use HTTPs :Yes Server Offload :No Prevent Frame Overlay :Disable In Used :Yes Redirect Mode :Yes Switch IP :No
  • 13. 13#ArubaAirheads URL Whitelisting: # show access-rule Anonymous_#guest#_ Access Rules ------------ Dest IP Dest Mask Eth Type Dest Match Protocol (id:sport:eport) Application Action Log TOS 802.1P Blacklist App Throttle (Up:Down) Mirror DisScan ClassifyMedia ------- --------- -------- ---------- ------------------------- ----------- ------ --- --- ------ --------- ---------------------- ------ ------- ------------- alias cnn.com IPv4/6 match https permit alias bbc.com IPv4/6 match https permit Session Timeout # show ap debug auth-tracebuf Mar 22 09:29:19 cp-pap-auth-request -> 68:c4:4d:89:b8:44 f0:5c:19:23:ce:81/AS1_#guest#_ - - yzTmsIWkQViqzA1e2ghwKA==.D3XvFg Mar 22 09:29:19 cp-pap-auth-success <- 68:c4:4d:89:b8:44 f0:5c:19:23:ce:81/AS1_#guest#_ - - success Mar 22 09:29:19 rad-acct-start -> 68:c4:4d:89:b8:44 f0:5c:19:23:ce:81 - - Mar 22 09:29:35 rad-acct-int-update -> 68:c4:4d:89:b8:44 f0:5c:19:23:ce:81 - - Mar 22 09:31:17 rad-acct-stop -> 68:c4:4d:89:b8:44 f0:5c:19:23:ce:81 - -
  • 14. 14#ArubaAirheads Cloud Guest Type - Authenticated – Username/Password along with email and phone based verification. – Social login – Facebook, Google+, Twitter, Linkedin
  • 16. 16#ArubaAirheads # show clients Client List ----------- Name IP Address MAC Address OS ESSID Access Point Channel Type Role IPv6 Address Signal Speed (mbps) ---- ---------- ----------- -- ----- ------------ ------- ---- ---- ---- -------- ------ ------------ 5U7/JrfqQbqM7WeigqIzOw==.D3VW0A 192.168.1.5 68:c4:4d:89:b8:44 Linux Facebook f0:5c:19:ca:3c:e8 6 GN Facebook fe80::6ac4:4dff:fe89:b844 40(good) 52(good) # show access-rule Facebook Access Rules ------------ Dest IP Dest Mask Eth Type Dest Match Protocol (id:sport:eport) Application Action Log TOS 802.1P Blacklist App Throttle (Up:Down) Mirror DisScan ClassifyMedia ------- --------- -------- ---------- ------------------------- ----------- ------ --- --- ------ --------- ----------- ----------- ------ ------- ------------- any any IPv4/6 match any permit
  • 18. 18#ArubaAirheads Self Registration Workflow for Apple CNA Captive portal detection URL’s: – http://www.apple.com/library/test/success.html – http://captive.apple.com/hotspot-detect.html
  • 20. 20#ArubaAirheads Session Limit / Data Limit # show ap debug auth-trace-buf Mar 22 13:13:07 cp-pap-auth-request -> d8:1d:72:7d:75:67 f0:5c:19:23:ce:93/AS1_#guest#_ - - T2jV0x48TAuTCk/7KYNn6g==.D3Yjig Mar 22 13:13:07 cp-pap-auth-success <- d8:1d:72:7d:75:67 f0:5c:19:23:ce:93/AS1_#guest#_ - - success Mar 22 13:13:07 rad-acct-start -> d8:1d:72:7d:75:67 f0:5c:19:23:ce:93 - - Mar 22 13:15:17 rad-acct-int-update -> d8:1d:72:7d:75:67 f0:5c:19:23:ce:93 - - Mar 22 13:15:25 rad-acct-stop -> d8:1d:72:7d:75:67 f0:5c:19:23:ce:93 - - # show clients Client List ----------- Name IP Address MAC Address OS ESSID Access Point Channel Type Role IPv6 Address Signal Speed (mbps) ---- ---------- ----------- -- ----- ------------ ------- ---- ---- ------ ------ ------ ------------ ak-iphone 192.168.1.3 d8:1d:72:7d:75:67 Social f0:5c:19:ca:3c:e8 52E AC Social_#guest#_ fe80::c77:cc59:6a3f:df9 25(good) 433(good)
  • 22. 22#ArubaAirheads Cloud Guest - Visitors – Generate accounts that can be given to guests. – Cannot be configured at MSP level. – Visitor accounts can be created for username/password login. – Visitor accounts can be modified and new password can be sent via SMS or email.
  • 23. 23#ArubaAirheads Reports – Reports can be pulled from Central to have track of various parameters like: – Client usage – Application usage – Client sessions – Can be automated or ran as and when required. – Report can be downloaded or sent to any email addresses.