ArubaOS and Controllers

Reply
Occasional Contributor I
Posts: 6
Registered: ‎04-13-2009

Master controller redundancy and session-acl config changes

Folks,

I ran into a problem when running a redundant master setup. The issue is that I don't seem to be able to modify session based acl on the backup master, nor does the active master pass the changes made to backup master.

For example:

On active master:
(Aruba200-Demo) (config) #ip access-list session my-own-ses-acl
(Aruba200-Demo) (config-sess-outside-interface)#any host 172.26.131.6 udp 4500 permit

On backup master:

(RDNT-WLC01) (config) #ip access-list s?
standard Standard Access List
(RDNT-WLC01) (config) #

It this expected behaviour? If yes, how do I get around this? I've thought about changing VRRP priorities to manually force active-backup transition but then again, is there a better way?

I appreciate your ideas!
Guru Elite
Posts: 20,819
Registered: ‎03-29-2007

Re: Master controller redundancy and session-acl config changes

The backup master functions basically as a local controller and gets all the ACLs from synchronization with the main master. You cannot configure ACLs on the backup master, unless it becomes the master controller.

Type "show switches" on the commandline of the master to see if it is synchronized with the backup master. You can also type "write mem" to push the config from the master to the backup master.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor I
Posts: 6
Registered: ‎04-13-2009

Re: Master controller redundancy and session-acl config changes

Cheers Colin, and thanks for your input.

I also found an error in my setup: controller-ip was different from the master-redundancy VRRP instance, this caused some problems in synchronizing the configuration. Now I have a working setup.
Search Airheads
Showing results for 
Search instead for 
Did you mean: