Support User Manuals

Dell 6.2 Server User Manual

Open as PDF

of 869

all other master and local Dell controllers as soon as the new controller is added to the hierarchy. If any old or invalid

AP entries are added to the campus AP whitelist, all Dell controllers in the hierarchy begins trusting those APs,

creating a potential security risk. For additional information on adding a new local controller using control plane

security to your network, see "Replacing a Local Controller" on page 93

To purge a controller’s campus AP whitelist via the WebUI:

1. Access the master controller WebUI, and navigate to Configuration>AP Installation.

2. Click the Campus AP Whitelist tab.

3. Click Purge.

To purge a campus AP whitelist via the command-line interface, issue the command:

whitelist-db cpsec purge

Managing Whitelists on Master and Local Controllers

Every controller using the control plane security feature maintains a campus AP whitelist, a local switch whitelist

and a master switch whitelist. The contents of these whitelists vary, depending upon the role of the controller, as

shown in the figure below.

Controller Role Campus AP Whitelist

Master Switch

Whitelist

Local Switch

Whitelist

On a (standalone) master

controller with no local

Dell controllers:

The campus AP whitelist contains

entries for the secure campus APs

associated with that controller.

The master switch

whitelist is empty, and

does not appear in the

WebUI.

The local switch whitelist

is empty, and does not

appear in the WebUI.

On a master controller

with local Dell

controllers:

The campus AP whitelist contains an

entry for every secure campus AP on

the network, regardless of the

controller to which it is connected.

The master switch

whitelist is empty, and

does not appear in the

WebUI.

The local switch whitelist

contains an entry for

each associated local

controller.

On a Local controller: The campus AP whitelist contains an

entry for every secure campus AP on

the network, regardless of the

controller to which it is connected.

The master switch

whitelist contains the

MAC and IP address of

the master controller.

The local switch whitelist

is empty, and does not

appear in the WebUI.

Table 18:

Control Plane Security Whitelists

Figure 19: Local Switch Whitelist on a Master Controller

DellPowerConnectW-SeriesArubaOS6.2 | User Guide ControlPlane Security | 87

previous next