Search the Community
- ClearPass Recipe Review
- ClearPass Recipe Submission
- Admin Tool - Assign Role in Bulk
- Admin Tool - User Search
- CWNP Conf 2015
- Airheads Conference Vegas 2015
- Wlan Pro Conference 2015
- Airheads Conference Shanghai 2014
- WLAN Pro Conf EU 2014
- CWNP Conference 2014 (Sep 22 - 24)
- Airheads Local 2014
- Wireless Field Day 7 (Aug 6-8, 2014)
- Black Hat 2014 Contest
- Airheads EMEA Italy 2014 (June 9 - 13)
- Americas Airheads Conference 2014
- WLAN Professionals Summit 2014
- Airheads Roadshow 2013
- EMEA Airheads Conference 2013
- APJ Airheads Conference 2013
- Americas Airheads Conference 2013
- Americas Airheads Conference 2012
- APJ Airheads Conference 2012
- EMEA Airheads Conference 2012
- Airheads EMEA 2012 Contest: How to Enter - Contest Terms & Conditions
- Airheads EMEA 2012 Contest: Create your Entry to Win Here!
- Airheads Conferences Prior to 2012
- Americas Airheads Local Events 2012
- EMEA Airheads Local Events 2012
- Wireless Field Day 3 @ Aruba Networks
- Wireless Tech Field Day 2- Silicon Valley
- Wi-Fi Mobility Symposium- San Jose, CA USA
- SDN Apps
- Connector Translation Testing area
Hello, I have an issue with my wifi connection bandwith and i need to make a rule on my controller...
I have an issue with my wifi connection bandwith and i need to make a rule on my controller to indicate the user has the right just to just one connection .
I use authentication by AD.
From a colleague: " There is a “maximum concurrent session” parameter for local accounts...
From a colleague:
"There is a “maximum concurrent session” parameter for local accounts (when the controller is used as a RADIUS server, but with external authentication like AD, I don’t believe it is possible to enforce this."
If you have a Policy Engine like ClearPass, it would be possible to do it with radius accounting. Microsoft Radius servers do not have this capability.
I have a Aruba 600 controller, which act as a master.Now i want to install another controller in th...
I have a Aruba 600 controller, which act as a master.Now i want to install another controller in the same network. [for testing purpose]
My question is
1. does the 2nd controller import all configuraton from master?
2. I dont want to define it as local, if i dont is there any problem?
3. There is one dhcp server in the network, so i want to give the controller and ap [which i'm going to implement with 2nd controller] both static ip,
and in ap i think to define the 2nd controller as a master controller, so from where this ap will import configuration?
Controllers are different from Instant. In order to utilize the same configuration and be able to...Controllers are different from Instant. In order to utilize the same configuration and be able to terminate APs, you'll have to add it as a local. Your other option would be to take a backup and then restore but I would not put them on the same subnet.
It won't because these are not talking to each other , any config you put in place in either contro...It won't because these are not talking to each other , any config you put in place in either controller will not be share
To turn on adp on the test controller again use the same command but instead of disable use enable....To turn on adp on the test controller again use the same command but instead of disable use enable.
Don't turn it off in your production controller just on test controller
I have a Aruba 3600 controller. there is two vlan. vlan1= 172.16.0.0 network vlan2= 172.18...
I have a Aruba 3600 controller.
there is two vlan.
vlan1= 172.16.0.0 network
vlan2= 172.18.0.0 network.
controller is on vlan 1 [controller ip =172.16.0.254]
from controller i am not able to ping any device on vlan2 & from any device in vlan2 i cant able to any device on vlan1 [controller also]
please tell me what i have to do?
i want that they can able to ping each other.
You also need to make sure you don't have deny inter user bridging enabled.
Hi , I have to set up a aruba controller (7240) in hub and spoke environment , in 2 spoke we have ...
I have to set up a aruba controller (7240) in hub and spoke environment , in 2 spoke we have to install total 80 aruba APs(325).
What is the best design for this architecture ???
How many controller will reqiure for this setup ???
And which precaution we need to take for configuration & installation ??
You should start with the Aruba Networks Campus Network Validated Reference Design Guide here: ...
You should start with the Aruba Networks Campus Network Validated Reference Design Guide here: http://community.arubanetworks.com/t5/Validated-Reference-Design/Campus-Network-Design/ta-p/155134
In Aruba it is called Master (writeable controller), local (read-only controller), not hub and spoke. According to the datasheet here: http://www.arubanetworks.com/assets/ds/DS_7200Series.pdf a 7240 can terminate 2048 access points, so if you are not going over 2000 for each site, in theory you could use 2 7205s. Please see the rest of the Campus Validated Reference Design guide for design ideas.
Hi All I am very new to the Aruba product. I bought a APIN215 and after try t...
I am very new to the Aruba product.
I bought a APIN215 and after try to get ti to work i figured out i need a controller. I had my eye on a 7010-RW Mobility Controller. The question is does this need a licence to use, is it a once off licence. I am looking at running 2 AP215 only.
What happens if not licence is installed
You will need to license the controllers to the capacity of AP's that you require. If the...
You will need to license the controllers to the capacity of AP's that you require. If the there is no licenses on the controller the AP will not show as "up".
It depends, if you want to do any firewall, user roles etc then a PEF-NG license is a good start to...
It depends, if you want to do any firewall, user roles etc then a PEF-NG license is a good start too. Also the RF Protect license is good for spectrum monitor and WIPS stuff. You need to make sure that each license level is the same as the controller will support the minimum license count.
So for example
2x AP Capacity
The licenses are permanent and do not expire. The licenses are applied to the controller and not the AP.
You could always request an eval from HPE to trial features first, these are valid for a maximum of 90 days.
Hi, I have master/standby topology, i dowload certificate on the master controller and us thi...
I have master/standby topology, i dowload certificate on the master controller and us this certificyate in securtiy->authentication->L2 authentication, (the certificate name is the controller name, and master name is diffrent from standby name).
I noticed that the certificate from master was not moved to standby,
Can i import diffrent certificate to standby ?
Is it problematic since i have database sync ?
Security > Authentication > L2 Authentication
Hey, you can check that the database sync is working as expected by running #show database sync
According to the documentation only the WMS, Local User and CPSEC DB are sync'd (along with running configuration) between the two master controllers.
...controllers active and standby i create csr on both of them. On the master everything is ok, the...
I have problem with the certifaicate on the standby controller.
I have two controllers active and standby i create csr on both of them.
On the master everything is ok, the problem i mentioned is on the standby.
can i add different license to the second controller,
To do so the second controller must change his role to master is it ok ?
Do you want the controllers to share licenses? If yes, you should turn on centralized licensing.
Hi, I found the solution here: https://www.airheads.eu/t5/Controller-Based-WLANs/How-to-u...
I found the solution here:
Thank you very much for your help
We have purchased controllers to replace our aging 3000 sieries controllers. After some...
We have purchased controllers to replace our aging 3000 sieries controllers. After some research and discussion, I was under the impression I could backup my config on my 3600 controller, restore it on my new 7210, license the new unit, reboot and then have a fully functioning replication of my existing controller, but on the new hardware. When I attempted this, the controller comes back up, gets the new name from the config (I can see this on the little LCD screen), but is unable to be managed through either the GUI or SSH. The IP address is the same, but when I try to navigate to it, it strangely attempts to redirect to https://securelogin.arubanetworks.com/auth/cp_disabled.html and gives me an error for why it can't display the page. I followed the procedure, what am I missing? Can the 3600 config running 6.4 firmware not be placed onto a 7210 with 6.5 on it? I am stumped at this point.
I would recommend this: Ensure both controllers are on the same code version. Add the new...
I would recommend this:
Ensure both controllers are on the same code version.
Add the new controller as a standby master.
Failover to the new controller.
Remove legacy controller entries from configuration.
Upgrade new controller firmware.
(Caveat: you need to be aware of how your APs find the controller and update this to the new controller address. E.g. DHCP option or DNS entry.)
Or just rebuild the configuration from scratch on the new controller.
Or if you're really set on importing the configuration, you need to license the new controller first and probably ensure that the configuration dosn't reference interfaces that aren't there.
First issue though is, when you look at the cfg files between the two, they aren't the same (which ...
First issue though is, when you look at the cfg files between the two, they aren't the same (which is why they aren't portable). Specific to interfaces, the 3600 references the Int1 as 'interface gigabitethernet 0/1', whereas a 7x00 controller will reference it as 'interface gigabitethernet 0/0/1' (notice the extra '/X') so the config isn't portable specific to interfaces, and some other elements tied to this. Additionally, AOS 6.5 adds or looks for other things that the 6.4 config doesn't have, and upon a restore, with it not being there, superflous data or incorrect data will be placed in the config (hence the reason to diff the config once you fix the physical interface mismatches from the migration to see if anything else went awry, and you can ignore any 'hash' values that mismatch).
If you go with the rebuild, that's fine too. Once the IP is changed back to what the 3600 had, it should find the controller and come up (you may have to either enable or disable CPsec and set AutoCert Prov to 'yes' to let the APs come up if you used CPsec before, and or re-whitelist the APs).
We have read that in an all-master model consisting of two master controllers, the backup master...We have read that in an all-master model consisting of two master controllers, the backup master cannot terminate any APs. Additionally the active master controller may face scalability limits when it terminates a large number of APs. We are deploying two 7220 controllers and due to licensing reasons, we will need to use the centralized liensing server feature. In order to have backup for the licenscing server, we are leaning towards deploying the controllers in an all-master model, where we will also have a backup licesencing server. Only a master controller can be a licensing server. We have approximately 800 APs, and the 7220 supports 1024. Should we be concerned for potential scale issues if all 800 APs are terminated on the active master controller? Note that in our deployment, no PEF-NG licensing is used, so the controller will not be performing any stateful firewall functions.
...controllers, the backup master cannot terminate any APs. Where did you read that...
We have read that in an all-master model consisting of two master controllers, the backup master cannot terminate any APs.
Where did you read that?
Previous controllers before the 7000 series would have issues being a master controller and...
Previous controllers before the 7000 series would have issues being a master controller and terminating APs. The 7000 series does not have an issue doing so, based on what I have seen.
.... If you have two separate standalone master controllers, where they are both in the...
If a controller is in the 'backup-master' or 'backup' role, it will not terminate any APs. Once it's role changes to 'Master' (assuming the primary master failed), then it will begin terminating APs.
If you have two separate standalone master controllers, where they are both in the 'master' role and you are terminating APs on both and manually syncing the config (or using AirWave), then both masters would be able to termiate APs.
1024 APs, but you should typically only have 80% of the limits for a controller that is doing doubl...
1024 APs, but you should typically only have 80% of the limits for a controller that is doing double-duty.
Hi, when transferring an AP or PEF license from an old controller to a new one, how long w...
when transferring an AP or PEF license from an old controller to a new one, how long will de license still be valid on the old controller? As far as I know there's no check after the license is loaded on a controller and the license will only be erased when you delete it or write erase all but I'd like a confirmation.
Forever. There is no check.