Filter
Top Products
88 |ControlPlaneSecurity DellPowerConnectW-SeriesArubaOS6.2 | User Guide
If your deployment includes both master and local Dell controllers, then the campus AP whitelist on every controller
contains an entry for every secure AP on the network, regardless of the controller to which it is connected. The
master controller also maintains a whitelist of local Dell controllers using control plane security. When you change a
campus AP whitelist on any controller, that controller contacts the other connected Dell controllers to notify them
of the change.
The master switch whitelist on each local controller contains the IP and MAC addresses of its master controller. If
your network has a redundant master controller, then this whitelist contains more than one entry. The master switch
whitelist rarely needs to be deleted. Although you can delete an entry from the master switch whitelist, you should
do so only if you have removed a master controller from the network.
Campus AP Whitelist Synchronization
The current sequence number in the AP Whitelist Sync Status field shows the number of changes to the campus AP
whitelist made on that controller. By default, each controller compares its campus AP whitelist against whitelists on
other Dell controllers every two minutes. If a controller detects a difference, it sends its changes to the other Dell
controllers on the network. If all other Dell controllers on the network have successfully received and acknowledged all
whitelist changes made on that controller, every entry in the sequencenumbercolumn in the local switch or master
switch whitelists has the same value as the sequence number displayed in the AP Whitelist Sync Status field. If a
controller in the master or local switch whitelist has a lower sequence number, that controller may still be waiting to
complete its update, or its update acknowledgement may not have yet been received. In the example in Figure 19,
the master controller has a current sequence number of 3, and each sequence number in its local switch whitelist also
shows a value of 3, indicating that both local Dell controllers have received and acknowledged all three campus AP
whitelist changes made on the master controller. For additional information on troubleshooting whitelist
synchronization, see "Verifying Whitelist Synchronization" on page 98.
You can view a controller’s current sequence number via the CLI using the command:
show whitelist-db cpsec-seq
Viewing and Managing the Master or Local Switch Whitelists
The following sections describe the commands to view and delete entries in a master or local switch whitelist.
Viewing the Master or Local Switch Whitelist
To view the master or local switch whitelists via the WebUI, use the procedure below:
1. Access the controller’s WebUI, and navigate to Configuration>AP Instalation.
2. Select the Whitelist tab.
The master and local controller switch tables each include the following information:
Data Column Description
MAC-Address On a local switch whitelist: MAC address of the master controller.
On a master switch whitelist: MAC address of a local controller.
IP-Address On a local switch whitelist: IP address of the master controller.
On a master switch whitelist: IP address of a local controller.
Sequence Number The number of times the controller in the whitelist received and acknowledged a
campus AP whitelist change from the controller whose WebUI you are currently
viewing.
Table 20:
Master and Local Switch Whitelist Information