ArubaOS and Controllers

Reply
Occasional Contributor II
Posts: 10
Registered: ‎04-28-2009

Controller-Ip and Trusted Ports

I'm running code 3.4.2.4 and today attempted to set up a new M3 controller alongside my current environment. I ran into a lot of snags but the one that took me the longest to solve was the trusted port problem. I was unaware that if I changed the controller ip/main management ip to something other than vlan1 that I had to make sure the physical port was trusted in order to re-access the WebUI Mgmt. After I type in trusted in the CLI under the appropriate interface, I was back in business. Just thought I would throw this out there in case someone else ran into this issue.

Angela
Guru Elite
Posts: 21,031
Registered: ‎03-29-2007

Show audit-trail


I'm running code 3.4.2.4 and today attempted to set up a new M3 controller alongside my current environment. I ran into a lot of snags but the one that took me the longest to solve was the trusted port problem. I was unaware that if I changed the controller ip/main management ip to something other than vlan1 that I had to make sure the physical port was trusted in order to re-access the WebUI Mgmt. After I type in trusted in the CLI under the appropriate interface, I was back in business. Just thought I would throw this out there in case someone else ran into this issue.

Angela




Show audit-trail is your friend. By default all interfaces and VLANs are trusted. Unless something has changed recently, just changing the controller-ip should not make a port or VLAN untrusted. Do a "show audit-trail" to see how the port became untrusted.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 10
Registered: ‎04-28-2009

Re: Controller-Ip and Trusted Ports

Thanks for the reply. Show audit-trail did not return anything surprising. But I had restarted the controller when I changed the controller-ip from loopback to be a controller-ip with a vlan.

However, when I look at all my other interfaces that are not currently being used, they are marked untrusted and I know I have not gone into each interface and issue an untrusted command. Maybe this has something to do with the fact that I chose to shutdown all interfaces when I first started up the controller?
Guru Elite
Posts: 21,031
Registered: ‎03-29-2007

Untrusted

Shutting down interfaces also does not mark them untrusted. The only exception is if you create a port channel, by default it is untrusted. Yes, the audit trail clears everytime you reboot the controller, unfortunately.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 15
Registered: ‎05-05-2011

Re: Controller-Ip and Trusted Ports

THANK YOU! I was totally clueless that I couldn't access the WebUI using any other IP than the one on the MGMT interface port... also my APs wouldn't start the TFTP transfer of their images. A simple "trusted" on the Port-Channel and I am good to go.

once again thanks for your post!
Search Airheads
Showing results for 
Search instead for 
Did you mean: