Controller Based WLANs

How to Zero Touch Provision an AP as a RAP using console port ?

Aruba Employee

Introduction :

 

Zero Touch Provisioning is the ability to take a RAP-5WN or a RAP-2WG and point it to a controller from the RAP’s web interface without having to configure it from the controller itself. You would just need to put the mac address of the AP into the Controllers RAP whitelist. The built-in Trusted Platform Module (TMP) on the AP has the APs mac address in it, so that the mac addresses cannot be faked.

 

The newer Aruba AP’s like the AP-100 Series, AP-130 Series, AP-220 Series and others have a trusted platform module that has the AP's mac address in it. Unfortunately, these do not present the end-user a web page to provision the AP, but if the user has a console cable, he can still provision it.


Environment : This article applies to All Aruba AP's that has Integrated Trusted Platform Module (TPM)

Configuration Steps :

Procedure:

Make sure the MAC address of the AP is in the RAP whitelist on the controller

Plug a console cable into the AP and stop the boot sequence.

When you get to the "apboot>" prompt, type the following:

apboot>  purge

apboot>  setenv master remote.arubanetworks.com (where this is the URL of your RAP controller).

apboot>  setenv remote_ap 1

apboot>  save

apboot> boot

 

Required without DNS or option 43 on the remote Location:

apboot> setenv master < Controllers IP Address > 

 

Required without DHCP on the remote location:

apboot> setenv ipaddr 

apboot> setenv netmask 

apboot> setenv gatewayip  

After saving the config and rebooting the AP, the AP gets connected to the controller and compares the Software build that it has with the version on the controller , if it detects mismatch then it loads mips32.ari from the controller to the AP so that the AP can also have the same version of the code.

 

Troubleshooting :

 

But on some occasions the AP may fail to get the mips32.ari from the controller due to issues with WAN connectivity in-between the controller and the AP 

On those circumstances we can download AP image from the controller using tftp and locally configure a TFTP server and load the mips32.ari file to the AP with the help of that TFTP application.

Procedure: 

Kindly run the tftp client ( Tftpd32 ) and get the file “mips32.ari” from the controller.
 

rtaImage.png

 

Step 1: Select the “current directory” where you want to get the file

Step 2: Select “tftp client”

Step 3: Enter “Host” IP as controller IP address

Step 4: Enter “Port” number 69

Step 5: Enter “Local File” name as mips32.ari

Step 6: Enter “Remote File” name as mips32.ari

Step 7: Hit “Get” button

Now you should have file under “current directory” by the name of “mips32.ari”
 

Now to boot AP via tftp, change the ‘bootcmd’ environment from ‘apboot’  

Required for AP local code upgrade:

apboot>  purge

apboot>  setenv master remote.arubanetworks.com (where this is the URL of your RAP controller).

apboot>  setenv remote_ap 1

apboot> setenv serverip <ip address of the TFTP server>
apboot> setenv bootcmd tftpboot

apboot>  save

apboot> boot

On rebooting the AP will contact the TFTP server and will loads mips32.ari so that the AP can now have the same version of the code as the controller

Once the AP got the code from the controller and finished installing it again reboot the AP and get into the AP boot prompt and change the AP boot mode 

Please note that the AP will not save the code to it’s local flash if the boot mode is left to tftpboot since next time it will try to load the code again. To restore the default behavior, change the ‘bootcmd’ to ‘boot ap’ 

apboot> setenv bootcmd boot ap 

apboot>  save

apboot> boot

Now the AP's is brought up as a RAP using the Console Port

 

 

Version history
Revision #:
1 of 1
Last update:
‎07-17-2014 08:12 AM
Updated by:
 
Labels (2)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.