Aruba Instant & Cloud Wi-Fi

Reply
Contributor I
Posts: 29
Registered: ‎03-12-2015

Zero Touch deployment for Instant and AirWave using DHCP options

[ Edited ]

 

Hi,

 

I can't seem to get an zero-touch provisioned IAP to be placed in the right group and folder in AirWave.

 

Configured these options in the DHCP server:
option 60 text "ArubaInstantAP"
option 43 text “PoC,10.30.2.31,MaxedaShop"
option 42 ip 10.30.2.20

 

Connected to the console of the IAP, i see the following output:

 

[snippet]

Getting an IP address...
Jan 1 00:00:31 udhcpc[2988]: udhcpc (v0.9.9-pre) started
Jan 1 00:00:31 udhcpc[2988]: send_discover: pkt num 0, secs 0
Jan 1 00:00:31 udhcpc[2988]: Sending discover...
Jan 1 00:00:31 udhcpc[2988]: send_selecting: pkt num 0, secs 0
Jan 1 00:00:31 udhcpc[2988]: Sending select for 10.34.249.192...
Jan 1 00:00:31 udhcpc[2988]: Lease of 10.34.249.192 obtained, lease time 691200
Jan 1 00:00:31 udhcpc[2988]: DHCP OPT 60 is not ArubaAP

Jan 1 00:00:31 udhcpc[2988]: DHCP OPT 60 is ArubaInstantAP

Jan 1 00:00:31 udhcpc[2988]: DHCP OPT 43, len: 25, buf: PoC,10.30.2.31,MaxedaShop

Jan 1 00:00:31 udhcpc[2988]: ams-ip: 10.30.2.31, length of ams-key: 10

Jan 1 00:00:31 udhcpc[2988]: DHCP OPT 42, len: 4, ip: 10.30.2.20
[ 47.125242] ip_time_handler: Got ip and packets on bond0 Started master election 3-0, rand 20
10.34.249.192 255.255.255.0 10.34.249.10
Compressing all files in the /etc/httpd directory...
Done.
Starting Webserver
bind: Transport endpoint is not connected
bind: Transport endpoint is not connected
bind: Transport endpoint is not connected
bind: Transport endpoint is not connected
NTP server 10.30.2.20 received via DHCP option.
Launching NTP Client on 10.30.2.20
[ 57.960980] ath_hal: 0.9.17.1 (AR5416, AR9380, WRITE_EEPROM, 11D)
[ 58.035301] ath_rate_atheros: Copyright (c) 2001-2005 Atheros Communications, Inc, All Rights Reserved
[ 58.146641] ath_dfs: Version 2.0.0
[ 58.146672] Copyright (c) 2005-2006 Atheros Communications, Inc. All Rights Reserved
[ 58.284442] ath_dev: Copyright (c) 2001-2007 Atheros Communications, Inc, All Rights Reserved
[ 58.397375] ath_pci: (Atheros/multi-bss)
[ 58.432895] PCI: enabling device 0000:01:00.0 (0140 -> 0142)
[ 58.500812] ath_pci 0000:01:00.0: ath DEBUG: sc=0xd994dc00
[ 64.251483] Startup Mode-0 set
[ 64.277038] htt_peer_map_timer_init Enter pdev d9884000 hrtimer d9886790
[ 64.355670]
[ 64.355670] htt_alloc_peer_map_mem : Alloc Success : host q vaddr ddf17000 paddr 5f417000
[ 64.472352]
[ 64.472352] htt_alloc_peer_map_mem : Flush Interval Configured to 256 pkts
[ 64.573508] ol_txrx_pdev_attach: 2500 tx desc's allocated ; range starts from d9920000
[ 64.669197]
[ 64.669197] SERIAL NUMBER: : wifi0
[ 64.669197]
[ 64.745267] wmi_service_ready_event_rx: WMI UNIFIED SERVICE READY event
[ 64.897906] wmi_ready_event_rx: WMI UNIFIED READY event
[ 64.950078] target uses HTT version 2.2; host uses 2.2
[ 65.051140] ol_ath_smart_ant_attach: Firmware doest not support Smart Antenna.
[ 65.125179] ol_ath_smart_ant_attach: Hardware doest not support Smart Antenna.
[ 65.211652] dfs_attach: event log disabled by default
[ 65.275226] -1077438292: dev:<wifi0> ic:d6780540 osdev:d994dc10 phy:2wifi0: Base BSSID 34:fc:b9:e7:69:90, 16 available BSSID(s) processor ID: 0
[ 65.426179] bond0 address=34:fc:b9:c6:76:98
[ 65.476194] br0 address=34:fc:b9:c6:76:98
[ 65.524117] wifi0: AP type AP-315, radio 0, max_bssids 16
[ 65.588784] Resetting spectral chainmask to Rx chainmask
[ 65.755576] Resetting spectral chainmask to Rx chainmask
[ 65.806935] Init the PCAP for radio0 offload 1.
[ 65.861230] PCI: enabling device 0000:03:00.0 (0140 -> 0142)
[ 65.928834] ath_pci 0000:03:00.0: ath DEBUG: sc=0xd7abcc00
[ 67.232114] Startup Mode-0 set
[ 67.257919] htt_peer_map_timer_init Enter pdev dcac0000 hrtimer dcac2790
[ 67.336363]
[ 67.336363] htt_alloc_peer_map_mem : Alloc Success : host q vaddr d7f5b000 paddr 5945b000
[ 67.453014]
[ 67.453014] htt_alloc_peer_map_mem : Flush Interval Configured to 256 pkts
[ 67.554201] ol_txrx_pdev_attach: 2500 tx desc's allocated ; range starts from d6720000
[ 67.649890]
[ 67.649890] SERIAL NUMBER: : wifi1
[ 67.649890]
[ 67.725929] wmi_service_ready_event_rx: WMI UNIFIED SERVICE READY event
[ 67.879350] wmi_ready_event_rx: WMI UNIFIED READY event
[ 67.931583] target uses HTT version 2.2; host uses 2.2
[ 67.938144] ol_ath_smart_ant_attach: Firmware doest not support Smart Antenna.
[ 67.938144] ol_ath_smart_ant_attach: Hardware doest not support Smart Antenna.
[ 67.938175] dfs_attach: event log disabled by default
[ 67.939925] -1077438292: dev:<wifi1> ic:d6880540 osdev:d7abcc10 phy:2wifi1: Base BSSID 34:fc:b9:e7:69:80, 16 available BSSID(s) processor ID: 0
[ 67.939956] bond0 address=34:fc:b9:c6:76:98
[ 67.939956] br0 address=34:fc:b9:c6:76:98
[ 67.939956] wifi1: AP type AP-315, radio 1, max_bssids 16
[ 67.939956] Resetting spectral chainmask to Rx chainmask
[ 67.939987] Resetting spectral chainmask to Rx chainmask
[ 67.940174] Init the PCAP for radio1 offload 1.
[ 67.943611] pktlog_init: Initializing Pktlog for AR900B, pktlog_hdr_size = 16
[ 67.943642] pktlog_init: Initializing Pktlog for AR900B, pktlog_hdr_size = 16
AP rebooted caused by cold HW reset(power loss)
shutting down watchdog process (nanny will restart it)...

<<<<< Welcome to the Access Point >>>>>

Completed SW FIPS KAT test
[ 70.198281] busybox (3289): /proc/3287/oom_adj is deprecated, please use /proc/3287/oom_score_adj instead.
User: [ 72.123180] Kernel watchdog refresh ended on core 1.
[ 72.125179] Kernel watchdog refresh ended on core 0.
[ 87.271165] i am master now
[ 87.292064] (09:26:01) !!! Init ---> Master
[ 87.342049] asap_send_elected_master: sent successfully

[/snippet]

 

The IAP shows up in AirWave, but not in the folder or group "PoC".

 

In the event log of AirWave, I see the following message I left out the IP/serial/MAC):

 

First:
"Instant AP with IP <IP address> (AP Info <serial>, <MAC address>, AP-315)PSK based authentication: swarm not found in amp and trying to ceate."

 

Then:
"Aruba Instant Virtual Controller" instant-<partial MAC> Discovered"

 

After which this message keeps getting logged every 2 minutes:
"Instant AP with IP <IP address> (AP Info <serial>, <MAC address>, AP-315)PSK based authentication: swarm is not approved in AirWave."


Any ideas on how to fix this (approve the swarm, how and where)?


IAP-315 running 6.5.0.0-4.3.0.0 (factory default)
AirWave 8.2.3

 

Regards,

Dante

 

Guru Elite
Posts: 20,761
Registered: ‎03-29-2007

Re: Zero Touch deployment for Instant and AirWave using DHCP options

 

Your syntax is wrong.

 

Please see the post here:  http://community.arubanetworks.com/t5/Controller-less-WLANs/How-to-setup-Aruba-Instant-and-AirWave/ta-p/174670

 

There is no option 42.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I
Posts: 29
Registered: ‎03-12-2015

Re: Zero Touch deployment for Instant and AirWave using DHCP options

[ Edited ]

Hi Colin,

 

You're referring to DHCP configuration on an Aruba controller (or switch, not sure). The DHCP server is a Windows server, so that's not really relevant. I got the DHCP options example from the Aruba doc DeployingInstantInAirWave.pdf (version 8.2).

But anyway, the guy who configured the DHCP server got it right apparently, as the IAP is accepting the DHCP options (see console output) and the IAP connects to the AirWave, only the AirWave is not accepting the PSK for some reason, so it puts the IAP in the New Devices (default) folder. So, yeah...

 

On DHCP option 42: snippet from the Aruba Instant 6.5.0.0-4.3.0.0 User Guide:

"To facilitate zero-touch provisioning using the AirWave Management Platform (AMP), Central, or Activate, you must configure the firewall and wired infrastructure to either allow the NTP trafficto pool.ntp.org, or provide alternative NTP servers under DHCP options."

 

If it's not necessary, it shouldn't say "must configure".

 

As the locations where the IAP's will be rolled out have no internet access, I used the DHCP option 42 to provide the NTP server info.

 

Opened a support case in the meanwhile, the engineer on the phone told me the very first IAP connecting to AirWave has to be put into a group manually, probably to get the PSK into the AirWave database/configuration/whatever. He saw the same issue at another customer. After that, AirWave should accept all following IAPs.

 

I'm going to test that right now.

Guru Elite
Posts: 20,761
Registered: ‎03-29-2007

Re: Zero Touch deployment for Instant and AirWave using DHCP options

If you are working with TAC, please continue to work with TAC on a solution.

 

I will have the doc team take a look at the deployinginstantwithairwave document.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I
Posts: 29
Registered: ‎03-12-2015

Re: Zero Touch deployment for Instant and AirWave using DHCP options

Proceeding with TAC: I'm on it.


Posted it on here just to share info and maybe I was missing something obvious

 

Anyway, the (partial) solution is to put the initial IAP into a group, to accept the PSK being used. Now other factory default IAP's are put in the correct group.

 

Next issue: although the Instant APs get the configuration from AirWave (checked it on the console on the AP), the radios do not come up (LED stays off, no SSIDs are being broadcasted). I've put an IAP in the same group in AirWave manually yesterday, and that worked just fine...

No idea why it isn't doing what the config says it should be doing... :S

 

Contributor I
Posts: 29
Registered: ‎03-12-2015

Re: Zero Touch deployment for Instant and AirWave using DHCP options

Ok, while waiting for TAC, I found the solution :P

 

The country-code was missing. Needed to enable the override "Allow Configuration Of Country Code" in the Instant Config gui in AirWave to get it pushed to the IAP.

SSID's are broadcasting, hooray! :D

Search Airheads
Showing results for 
Search instead for 
Did you mean: