- Community Home
- >
- Networking
- >
- Wireless
- >
- M and MSM Series
- >
- MSM760 Wireless Controller with Muptiple VSC's (Wh...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-11-2020 10:11 PM
11-11-2020 10:11 PM
MSM760 Wireless Controller with Muptiple VSC's (What setup is more secure?)
The controller is configured with 2 VSC's (Guest.wifi, Office.wifi)
Option A (Not using the WAN Port on the controller) Connecting the LAN Port of the controller to a managed switch. This connection trunked with 2 Vlans (Guest Vlan, Office Vlan) The Guest.wifi VSC is assigned to the LAN port of the controller and bound to the Guest Vlan. The Guest Vlan receives DHCP from the Firewall. The Guest Vlan is configured to have access to the Gateway for internet with no other network access. The Office.wifi VSC is assigned to the LAN port of the controller and bound to the Office Vlan. The Office Vlan received DHCP from a server on the network. The Office Vlan is configured to have access to the Gateway for internet and shares access with other wired network Vlans (Production, Administration, Management).
Option B (Using the WAN Port on the controller) Connecting the WAN Port of the controller to the modem and the LAN Port of the controller to a managed switch. The Guest.wifi VSC is Assigned to the WAN port of the controller. The Guest.wifi receives DHCP from the controller with access to the internet via the WAN Port. The Office wifi and Vlan networks have no changes in this configuration and are connected through the LAN Port receiving DHCP from a server on the office network. There is no "Guest Vlan" in this configuration since no Guest.wifi traffic is routed to the switch.
I am considering what option is better and why...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-12-2020 01:49 AM
11-12-2020 01:49 AM
Re: MSM760 Wireless Controller with Muptiple VSC's (What setup is more secure?)
Hello
Maybe I better answer can be provided if we have more details about the configuration in both scenario. I can think of the following questions which can give us a better understanding of the traffic flow.
- In the VSC menu of the respective VSCs for both scenarios, how are configured the options Use Controller for Authentication, Use Controller for Access Control?
- If Use Controller for Access Control is enabled for any VSC, what is configured as VSC egress mapping in the VSC menu?
- If Use Controller for Access Control is not enabled, what is configured as Egress Network under AP Group ->VSC Binding for the respective VSC?
- What options for Wireless Protection (WPA) and Authentication (PSK, 802.1x, html-based, mac auth) are configured for both VSCs in both scenarios?
Also I think we need to know what aspect of the security you are concerned about. Is it mainly preventingof the guest users from accessing the office network? Or generally the wireless security, things like secure authentication, privacy etc?