Enabling ALG Protocols on APs

To configure the protocol for ALG Application Layer Gateway. ALG is a security component that manages application layer protocols such as SIP, FTP and so on. , complete the following steps:

  1. In the Aruba Central app, set the filter to a group that contains at least one AP.
    The dashboard context for the group is displayed.
  2. Under Manage, click Devices > Access Points.
    A list of APs is displayed in the List view.
  3. Click the Config icon.
    The tabs to configure the APs are displayed.
  4. Click Show Advanced, and click the Security tab.
    The Security details page is displayed.
  5. Expand the Firewall Settings accordion.
  6. Turn on the toggle switch to enable SIP protocol.
  7. Click Save Settings.

When the protocols for the ALG is disabled, the changes do not take effect until the existing user sessions have expired. Reboot the AP and the client, or wait a few minutes for changes to take effect.

Restricting Access to Management Subnets for the AP

You can configure subnets Subnet is the logical division of an IP network. to ensure that the AP management is carried out only from these subnets. When the management subnets are configured, Telnet, SSH Secure Shell. SSH is a network protocol that provides secure access to a remote device. , and UI access is restricted to these subnets only.

To restrict access to management subnets for the AP, complete the following steps:

  1. In the Aruba Central app, set the filter to a group that contains at least one AP.

    The dashboard context for the group is displayed.
  2. Under Manage, click Devices > Access Points.

    A list of APs is displayed in the List view.
  3. Click the Config icon.

    The tabs to configure the APs are displayed.
  4. Click Show Advanced, and click the Security tab.

    The Security details page is displayed.
  5. Click the Firewall Settings accordion.
  6. In the Management Subnets table, click the + icon.

    The Add New Management Subnet window is displayed.

  7. In the Add New Management Subnet window, enter the following details:
    • Subnet—Enter the subnet address for which you wish to restrict the access.
    • Mask—Enter the subnet mask for which you wish to restrict the access.
  8. Click Ok.
  9. Click Save Settings.