Owners manual

ManualsBrandsARUBA NETWORKS ManualsComputers & LaptopsAruba Instant IAP-325 IEEE 802.11ac 1.69 Gbit/s Wireless Access Point - 2.40 GHz, 5 GHz - 8 x Antenna(s) - 8 x Internal Antenna(

351

352

353

354

355

356

357

358

359

360

Aruba Instant 6.4.0.2-4.1 | User Guide Mobility Access Switch Integration | 356

Chapter 30

Mobility Access Switch Integration

This chapter provides the following information:

l Mobility Access Switch Overview on page 356

l Configuring IAPs for MAS Integration on page 356

Mobility Access Switch Overview

The Aruba Mobility Access Switch (MAS) enables secure, role-based network access for wired users and devices,

independent of their location or application. Installed in wiring closets, the MAS delivers up to 384 wire-speed Gigabit

Ethernet switch ports and operates as a wired access point when deployed with an Aruba Mobility Controller.

As a wired access point, users and their devices are authenticated and assigned a unique role by the Mobility

Controller. These roles are applied irrespective of whether the user is a Wi-Fi client, or is connected to a port on the

MAS. The use of MAS allows an enterprise workforce to have consistent and secure access to network resources

based on the type of users, client devices, and connection method used.

Instant supports S3500 and S2500 Mobility Access Switch models.

For more information on MAS, see ArubaOS

7.2 User Guide

MAS Integration with an IAP

You can integrate an IAP with a MAS by connecting it directly to the MAS port. The following MAS integration

features can be applied while integrating MAS with an IAP:

l Rogue AP containment—When a rogue AP is detected by an IAP, it sends the MAC Address of the rogue AP to

the MAS. The MAS blacklists the MAC address of the rogue AP and turns off the PoE on the port.

l PoE prioritization— When an IAP is connected directly into the MAS port, the MAS increases the PoE priority of

the port. This is done only if the PoE priority is set by default in the MAS.

The PoE Prioritization and Rogue AP Containment features is available for ArubaOS 7.2 release on Aruba

Mobility Access Switches.

l GVRP Integration—Configuring GARP VLAN Registration Protocol (GVRP) in ArubaOS MAS enables the

switch to dynamically register or de-register VLAN information received from a GVRP applicant such as an IAP.

GVRP also enables the switch to propagate the registered VLAN information to the neighboring switches in the

network.

The associated static VLANs in used wired and wireless profiles are propagated to the upstream MAS using

GVRP messages.

For information on steps to integrate MAS with an IAP, see Configuring IAPs for MAS Integration on page 356.

Configuring IAPs for MAS Integration

When an IAP is integrated with MAS, the Link Layer Discovery Protocol (LLDP) is enabled. Using this protocol, the

IAPs instruct the MAS to turn off the ports where rogue APs are connected, perform actions such as increasing the

PoE priority, and configure the VLANs on the ports to which the IAPs are connected.

You can enable MAS integration either using the Instant or CLI.