Enhancements

These are in no particular order. Small stuff listed below. Bigger items get their own pages (see left).

blacklist script

  • update local script with no ap ap-blacklist-time command
  • potentially work with devs to create orchestra app

Open Wireless Encryption (OWE)

  • Tested as working on AP-225
  • Not actually supported on AP-2xx
  • update clearpass to expect _owetm_ prefix and _951c89ea suffix
  • disable in VTC, due to high number of existing SSIDs

WPA3

On ArubaOS 8.10:

  • On 2.4GHz and 5GHz:
    • WPA SHA256 (AKM 5) does not work; opmode wpa3-aes-ccm-128 uses WPA (AKM 1)
    • Protected Management Frames required (PMF-R) does not work with 802.11r (AKM 3)
  • On 6GHz:
    • opmde wpa3-aes-ccm-128 works as expected
    • PMF-R is required On ArubaOS 8.11+:
  • We can enable AKMs 1, 3, and 5 simultaneously on both bands
  • PMF-R works with 802.11r

Automate AP provisioning

  • Related AUA
  • Need to setup a trap listener. Preferably, this would be the web app would do this, instead of us translating SNMP to REST before sending to the web app.
  • Traps should be sent over v6.

PAPI authentication

See ArubaOS 8.7.0.0 User Guide page 783.