Wireless Access

Reply
Contributor I

controller License

Hi,

I have master/standby topology, i dowload certificate on the master controller and us this certificyate in securtiy->authentication->L2 authentication, (the certificate name is the controller name, and master name is diffrent from standby name).

 

I noticed that the certificate from master was not moved to standby,

Can i import diffrent certificate to standby ?

Is it problematic since i have database sync ?

 

Regards

Rafi

Security > Authentication > L2 Authentication

Re: controller License

Hey, you can check that the database sync is working as expected by running #show database sync


According to the documentation only the WMS, Local User and CPSEC DB are sync'd (along with running configuration) between the two master controllers.


ACMA, ACMP
If my post addresses your query, give kudos:)
Contributor I

Re: controller License

Ok,

can i add different license to the second controller,

To do so the second controller must change his role to master is it ok ?

 

Regards

Rafi

Guru Elite

Re: controller License


Rafish wrote:

Hi,

I have master/standby topology, i dowload certificate on the master controller and us this certificyate in securtiy->authentication->L2 authentication, (the certificate name is the controller name, and master name is diffrent from standby name).

 

I noticed that the certificate from master was not moved to standby,

Can i import diffrent certificate to standby ?

Is it problematic since i have database sync ?

 

Regards

Rafi

Security > Authentication > L2 Authentication


You must upload a certificate individually to each controller.  The controller certificate is not synchronized with database sync.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Guru Elite

Re: controller License


Rafish wrote:

Ok,

can i add different license to the second controller,

To do so the second controller must change his role to master is it ok ?

 

Regards

Rafi


Do you want the controllers to share licenses?  If yes, you should turn on centralized licensing.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: controller License

Hi Colin,

Fisrt thanks alot for your help :)

 

Ok, i did that, i upload the cer to the standby, in the standbty everthing is "gray" and i can't add the certificate to the profile so i shut down the master , then the standby change to master, under the profile i added the certificate and i got error:

Error processing command 'aaa authentication dot1x "my-profile-name" server-cert "CCAMC7220D"':Unknown Trusted CA Certificate. Please upload the certificate before configuring in the profile

 

I upload the certificate from GUI, and i can see them, but when i checked with 

show dot1x certificates details

I noticed that i dont have any certificate on the standby controller.

 

Any idea ?

 

Regards

Rafi

Guru Elite

Re: controller License

You mentioned "licenses" and you mentioned "certificates".  Which one are you having problems with?



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: controller License

Sorry,

 

I have problem with the certifaicate on the standby controller.

 

I have two controllers active and standby i create csr on both of them.

On the master everything is ok, the problem i mentioned is on the standby.

 

Regards

Rafi

Guru Elite

Re: controller License

Did you submit the CSR on the standby controller to a CA?



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: controller License

Sorry i didnt understand what do you mean by "submit the CSR..."

See attached print screen from the standby controller

Management > Certificates > Upload

 

Regards

Rafi

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: