Dell 6.2 Server User Manual


 
677 | Advanced Security | Dell PowerConnect W-Series ArubaOS 6.2 | User Guide
Securing Controller-to-Controller Communication
xSec can be used to secure data and control traffic passed between two Dell controllers. The only requirement is that
both Dell controllers be members of the same VLAN. To establish a point-to-point tunnel between the two Dell
controllers, you need to configure the following for the connecting ports on each controller:
• The MAC address of the xSec tunnel termination point. This would be the MAC address of the “other”
  controller.
• A 16-byte shared key used to authenticate the Dell controllers to each other. You must configure the same shared
  key on both Dell controllers.
• The VLAN IDs for the VLANs that will extend across both the Dell controllers via the xSec.

Figure 279 shows an example network where two Dell controllers are connected to the same VLAN, VLAN 1. On
controller 1, you configure the MAC address of controller 2 for the xSec tunnel termination point. On controller 2,
you configure the MAC address of controller 1 for the xSec tunnel termination point. On both Dell controllers, you
configure the same 16-byte shared key and the IDs for the VLANs which are allowed to pass through the xSec tunnel.
Figure 279: Controller-to-Controller xSec Example
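Added example (not from the Dell guide): a Python check that two controllers' port stanzas meet the three requirements above, using the xsec point-to-point line form shown in this guide's CLI section. Controller 1's own MAC, port 1/1, all of controller 2's stanza, the sequence heuristic in weak_key() and the key alphabet in new_key() are assumptions made for the illustration.

```python
import re
import secrets
import string

# Port line in the form this guide's CLI section shows for Controller 1.
XSEC_RE = re.compile(
    r"xsec point-to-point\s+(?P<mac>(?:[0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2})\s+"
    r"(?P<key>\S+)\s+allowed vlan\s+(?P<vlans>\d+(?:,\d+)*)")

def parse_xsec(config):
    m = XSEC_RE.search(config)
    if not m:
        raise ValueError("no xsec point-to-point line found")
    return {"peer": m["mac"].lower(), "key": m["key"],
            "vlans": {int(v) for v in m["vlans"].split(",")}}

def weak_key(key):
    # Heuristic: most neighbouring characters repeat or step by one (e.g. 1234...).
    steps = [abs(ord(a) - ord(b)) for a, b in zip(key, key[1:])]
    return sum(s <= 1 for s in steps) > len(steps) // 2

def new_key():
    # Assumption: the key field accepts 16 ASCII letters and digits.
    return "".join(secrets.choice(string.ascii_letters + string.digits) for _ in range(16))

def check_pair(mac1, cfg1, mac2, cfg2):
    a, b = parse_xsec(cfg1), parse_xsec(cfg2)
    findings = []
    if a["peer"] != mac2.lower() or b["peer"] != mac1.lower():
        findings.append("peer MAC is not the other controller's MAC")
    if a["key"] != b["key"]:
        findings.append("shared keys differ")
    for name, side in (("controller 1", a), ("controller 2", b)):
        if len(side["key"].encode()) != 16:
            findings.append(f"{name}: key is not 16 bytes")
        elif weak_key(side["key"]):
            findings.append(f"{name}: key is a guessable sequence")
    if a["vlans"] != b["vlans"]:
        findings.append(f"allowed VLANs differ: {sorted(a['vlans'] ^ b['vlans'])}")
    return findings

# Constructed sample. Controller 1's xsec line is the one printed in this guide;
# its own MAC, the port 1/1 and all of controller 2's stanza are made up.
C1_MAC, C2_MAC = "02:00:00:00:00:01", "10:11:12:13:14:15"
C1 = ("interface gigabitethernet 1/1\n vlan 1\n xsec point-to-point "
      "10:11:12:13:14:15 1234567898765432 allowed vlan 101,200,250\n")
C2 = ("interface gigabitethernet 1/1\n vlan 1\n xsec point-to-point "
      "02:00:00:00:00:01 1234567898765432 allowed vlan 101,200\n")

if __name__ == "__main__":
    print("\n".join(check_pair(C1_MAC, C1, C2_MAC, C2)))
```

With the sample stanzas it reports the guide's example key as a guessable sequence on both controllers and VLAN 250 as allowed on only one side.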
Configuring Controllers for xSec
The following sections describe how to use the WebUI or CLI to configure the port that connects to the wired
network on which the other controller is installed. Other chapters in this manual describe the configuration of
VLANs.
In the WebUI
1. On each controller, navigate to the Configuration > Network > Port page.
2. Click on the port to be configured.
3. Select the VLAN from the drop-down list.
4. Configure the xSec point-to-point settings:
   a. Enter the MAC address of the tunnel termination point (the “other” controller’s MAC address).
   b. Enter the key (for example, 1234567898765432) used by xSec to establish the tunnel between the Dell
      controllers.
   c. Select the VLANs that would be allowed across the point-to-point connection from the Allowed VLANs
      drop-down menu, and click the <-- button.
5. Click Apply.
In the CLI
For Controller 1:
interface gigabitethernet|fastethernet slot/port
vlan 1
xsec point-to-point 10:11:12:13:14:15 1234567898765432 allowed vlan 101,200,250
For Controller 2:
interface gigabitethernet|fastethernet slot/port