Search the Community
- ClearPass Recipe Review
- ClearPass Recipe Submission
- Admin Tool - Assign Role in Bulk
- Admin Tool - User Search
- CWNP Conf 2015
- Airheads Conference Vegas 2015
- Wlan Pro Conference 2015
- Airheads Conference Shanghai 2014
- WLAN Pro Conf EU 2014
- CWNP Conference 2014 (Sep 22 - 24)
- Airheads Local 2014
- Wireless Field Day 7 (Aug 6-8, 2014)
- Black Hat 2014 Contest
- Airheads EMEA Italy 2014 (June 9 - 13)
- Americas Airheads Conference 2014
- WLAN Professionals Summit 2014
- Airheads Roadshow 2013
- EMEA Airheads Conference 2013
- APJ Airheads Conference 2013
- Americas Airheads Conference 2013
- Americas Airheads Conference 2012
- APJ Airheads Conference 2012
- EMEA Airheads Conference 2012
- Airheads EMEA 2012 Contest: How to Enter - Contest Terms & Conditions
- Airheads EMEA 2012 Contest: Create your Entry to Win Here!
- Airheads Conferences Prior to 2012
- Americas Airheads Local Events 2012
- EMEA Airheads Local Events 2012
- Wireless Field Day 3 @ Aruba Networks
- Wireless Tech Field Day 2- Silicon Valley
- Wi-Fi Mobility Symposium- San Jose, CA USA
- SDN Apps
- Connector Translation Testing area
I have a Aruba 600 controller, which act as a master.Now i want to install another controller in the same network. [for testing purpose]
My question is
1. does the 2nd controller import all configuraton from master?
2. I dont want to define it as local, if i dont is there any problem?
3. There is one dhcp server in the network, so i want to give the controller and ap [which i'm going to implement with 2nd controller] both static ip,
and in ap i think to define the 2nd controller as a master controller, so from where this ap will import configuration?
Controllers are different from Instant. In order to utilize the same configuration and be able to...Controllers are different from Instant. In order to utilize the same configuration and be able to terminate APs, you'll have to add it as a local. Your other option would be to take a backup and then restore but I would not put them on the same subnet.
It won't because these are not talking to each other , any config you put in place in either contro...It won't because these are not talking to each other , any config you put in place in either controller will not be share
To turn on adp on the test controller again use the same command but instead of disable use enable....To turn on adp on the test controller again use the same command but instead of disable use enable.
Don't turn it off in your production controller just on test controller
I have a Aruba 3600 controller.
there is two vlan.
vlan1= 172.16.0.0 network
vlan2= 172.18.0.0 network.
controller is on vlan 1 [controller ip =172.16.0.254]
from controller i am not able to ping any device on vlan2 & from any device in vlan2 i cant able to any device on vlan1 [controller also]
please tell me what i have to do?
i want that they can able to ping each other.
I have an issue with my wifi connection bandwith and i need to make a rule on my controller to indicate the user has the right just to just one connection .
I use authentication by AD.
From a colleague: " There is a “maximum concurrent session” parameter for local accounts...
From a colleague:
"There is a “maximum concurrent session” parameter for local accounts (when the controller is used as a RADIUS server, but with external authentication like AD, I don’t believe it is possible to enforce this."
If you have a Policy Engine like ClearPass, it would be possible to do it with radius accounting. Microsoft Radius servers do not have this capability.
I have Aruba controllers 7010 (version 18.104.22.168) that gets rebooted (wlsxColdStart Detected),
From the Webgui, the logs show that the controller was down and back up,
From CLI, I noticed that the logs were showing (killing dogma and watchdog) before and after the reboot,
It doesn't really say what caused the reboot,
Is there some other ways to find out what cause the reboot?
...: This issue was observed in controllers running ArubaOS 22.214.171.124.
Bug id : 167418
Symptom: A master controller rebooted after DPI was disabled. The log file listed the reason for the event as Reboot Cause: Datapath timeout (SOS Assert) (Intent:cause:register 54:86:50:2). The fix ensures that the controller works as expected.
Scenario: This issue was observed in controllers running ArubaOS 126.96.36.199.
does anyone know if you can set up a ipsec tunnel between two controllers. NOT a site-site but need to map a VLAN from head office to a controller network. I know you can do a GRE tunnel but that has problems across NATted boundaries.
ok thank you, just wanted to know how do you set up the IPSEC tunnel between two controllers?
ok thank you,
just wanted to know how do you set up the IPSEC tunnel between two controllers?
Hi Pete, You can setup a VPN tunnel between the controllers first and within that tunnel...
You can setup a VPN tunnel between the controllers first and within that tunnel you can create a L2 GRE tunnel to transport the vlan between the sites.
thanks Jonas, here's my thinking:- Site-site between controllers with the public IP addresses of...
here's my thinking:-
Site-site between controllers with the public IP addresses of the headquaters and DMZ as the destination ip.
GRE tunnel between the controller provate ip addresses.
how does this sound?
Jonas, tried out that solution works just fine thanks for your help. cheers pete
tried out that solution works just fine thanks for your help.
I'm looking to purchase the Aruba 7210 wireless controller along with 30 AP-335 wireless APs and 8 AP-334 wireless APs for my organization.
I'm a little confused about the licensing though, so I'm hoping someone can help me out with this.
Do I need to purchase a license for each of the APs that I intend to connect to the controller? If so, how do I determine exactly which license I need? Do I also have to purchase a license for the controller itself?
For example: I'm seeing item JW500AAE which is labeled as Aruba PEF VIA License for 7210 Controller E-LTU. The cost on this is about $16,000. Then I see JW472AAE Aruba Controller Per AP Capacity License E-LTU for $75.00 each.
So, basically, I'm getting really confused on exactly what I need to purchase to get this project rolling. I would have thought that the APs would have come with a license (especially for the asking price of $1,600 or so per AP.) But when I contacted the vendor, they said I needed to buy a license for each AP on top of the unit cost. They also advised me that the licenses have to be bought again after a set period of time.
Any advice is very much appreciated!
I finally got in touch with one of my vendors who was able to explain the licensing to me. Th...
I finally got in touch with one of my vendors who was able to explain the licensing to me. The answer is:
For 90% of most deployments, 2 licenses are typically used:
1) JW472AAE - Aruba Controller Per AP Capacity License
This is a perpetual license that allows one access point to be managed by the controller. You need one of these for every access point you want to connect to and manage with the controller. Your basic license.
2) JW473AAE - Aruba Controller Per AP PEF License
This is a license that must be acquired on top of the JW472AAE license. This license isn't mandatory, but it allows more advanced role-based access controls on a per AP basis. (Like if you wanted to have a restricted network and an open network, but you had one or two devices that normally connect to the open network but need access to resources only available on the restricted network.)
It's important to note that the PEF license augments the capacity license - it does not replace it. (Think: more $$ to use more features.)
My vendor said that for 90% of most deployments they see, the above two license types are really the only two to be concerned with. There are others that offer increasing functionality and features at an exponential price increase.
Also, Aruba does offer non-perpetual licenses that must be renewed every year. So, be very careful and talk to your vendor before you actually buy any licenses. In most scenarios, you'll probably want the perpetual licenses. There are; however, cases where an annual license may be a better fit for you.
In closing: I noticed that there seem to be large-quantity license "packs" available at significantly better prices than buying the licenses individually. For certain enterprise deployments, these options may be more viable.
My Opinion: It honestly confuses me why Aruba has made this process so complicated. They have two series of AP: IAP and AP. IAP can work with or without a controller whereas AP are marketed specifically for use with a controller. Why they charge $1500+ for an AP and then force you to pay more just to be able to use it seems a little "greedy" to me. I'd say that if you're going to market a product to work with another product, the licensing should be included in the price - especially at that price point.
Don't get me wrong ... Aruba's got some really nice high-quality stuff ... but you can tell they like some of their stuff just a little too much.
We just purchased 2 new controllers to replace our existing ones. We also purchased a MM to go along with it. The new controllers came on version 5.x. Do I need to use the migration tool to upgrade them to 8.x even though they don't have any configuration (except mgmt IP) yet? Or can I just upload the 8.x code to them and reboot to the other partition?
Providing that these are not Education bundle controllers you can upgrade them and re-apply the...
Providing that these are not Education bundle controllers you can upgrade them and re-apply the licenses.
If there's no config to preserve, you would just upgrade them to 8 and re-run the startup wizard to...
If there's no config to preserve, you would just upgrade them to 8 and re-run the startup wizard to point them at the MM. From there, outside of their IP address and info like that, the config comes from the MM.
Would it be possible to convert a controller 305 AP (purchased as controller based) to instant?
I have master/standby topology, i dowload certificate on the master controller and us this certificyate in securtiy->authentication->L2 authentication, (the certificate name is the controller name, and master name is diffrent from standby name).
I noticed that the certificate from master was not moved to standby,
Can i import diffrent certificate to standby ?
Is it problematic since i have database sync ?
Security > Authentication > L2 Authentication
...configuration) between the two master controllers.
Hey, you can check that the database sync is working as expected by running #show database sync
According to the documentation only the WMS, Local User and CPSEC DB are sync'd (along with running configuration) between the two master controllers.
...controllers to share licenses? If yes, you should turn on centralized licensing.
can i add different license to the second controller,
To do so the second controller must change his role to master is it ok ?
Do you want the controllers to share licenses? If yes, you should turn on centralized licensing.
...controllers active and standby i create csr on both of them. On the master everything is ok, the...
I have problem with the certifaicate on the standby controller.
I have two controllers active and standby i create csr on both of them.
On the master everything is ok, the problem i mentioned is on the standby.
Hi, I found the solution here: https://www.airheads.eu/t5/Controller-Based-WLANs/How-to-u...
I found the solution here:
Thank you very much for your help
I have a controller to controller GRE tunnel for guest access - anchor to DMZ. The role on the local controller is called "guest-tunneled" and the role on the dmz controller is "guest".
Today, we have matching ACLs on both roles, but when I need to make an udpate, I need to do it multiple times. Wouldn't I only need ACLs on the DMZ role of "guest" since all traffic is forced there anyway?