Filter
Top Products
Campus Wireless Networks Validated Reference Design Version 3.3 | Design Guide Mobility Controller Configuration | 39
AP Groups
An AP Group is a unique combination of Configuration Profiles. In general, all profiles are available to
be assigned to an AP Group to create a complete configuration. This flexibility in configuration allows
you to do arbitrary groupings of APs such as ‘All Lobby APs’ or ‘All APs in California’ with different
configurations on each. Each AP Group must include a minimum number of profiles, in particular, a
Virtual AP Profile.
Profile Planning
To effectively use the profile system takes some planning. Unlike most planning decisions in network
designs, profile planning is not based on performance and scalability; it is based on creating a
functional and flexible network design that can be logically understood. Ideally, this planning is part of
the network planning.
While it is possible to simply place all of your equipment in default profiles and change the parameters
to suit your needs, you will miss out on the power and flexibility of the system. To take full advantage of
the system you must take into account the physical layout of your equipment, the technical
management requirements, and the business practices and regulatory requirements specific to your
organization.
Aruba recommends changing the following defaults:
z Default AP-Group
z Default Virtual-AP
z Default SSID.
When an AP first boots, it is automatically made a member of the default AP-Group, which has open
authentication by default. Aruba recommends changing the default to Air Monitor mode for new Access
Points. This allows anyone who plugs an unauthorized Aruba AP into your network to simply add to
your monitoring capabilities instead of creating a backdoor.
SSIDs, VLANs and Role Derivation
Each Aruba Access Point has the ability to appear to wireless users as multiple physical APs. Each of
these ‘virtual APs’ has their own Basic Service Set Identifier (BSSID) that identifies the AP and the
network name, or Service Set Identifier (SSID).
NOTE
It is important to note that each Access Point or Air Monitor can be a member of only a single AP
Group. You can not assign multiple AP Groups to the same AP. This restriction prevents the
assignment of incompatible or conflicting Profiles.