Network Management


Connect Aruba 2530 switch series to Ubiquiti UDM-Pro

  • 1.  Connect Aruba 2530 switch series to Ubiquiti UDM-Pro

    Posted Jan 02, 2022 05:54 PM
    Hi guys, I need a hand as I don't know the Ubiquiti infrastructure in depth yet. My current configuration is composed as follows: a Cisco 2921 router (for a multi-WAN connection, with a dedicated VLAN) connected to a series of 30 Aruba 2530 series switches on which 7 VLANs are propagated (6 with various uses, more clearly the VLAN 1 that gives the IP to the switches with class Currently the VLANs are all managed by a dedicated OPNSense firewall machine that will take care of everything, including DHCP. These switches are connected to 2 Cisco 2500-series wireless controllers that drive 25 access points each. The controllers are malfunctioning and therefore we bought a UDM Pro with 50 U6-LR.
    My idea is to continue to use the OPNSense to manage the DHCP and firewall part and use the UDM Pro only for controlling the access points.

    The "problem" as well as the doubt comes now: the current Cisco controllers are connected to 8 ports (4 per device) configured on the switch side in LACP, where VLAN 20 is tagged and 100 untagged for the 4 trunk-LACP ports (VLAN 20 is for Wi-Fi connected device IP lease and VLAN 100 for repeater IP lease). It seems to me that Ubiquiti does not manage the LACP protocol, and therefore how should I behave to replace the Cisco with the Ubiquiti controller? Do I leave the current Aruba-side configuration and connect the remaining 7 ports to the current switch-side LACP and one for the LAN? Should I use the SFP+ port in order to divert all the traffic of the access points there and leave the management of the LAN to a single eth port?
    On the UDM side the VLANs are already set in no-DHCP mode: 20 with, 100 with and 1 with 

    Thank you for your patience and forgive me for my english and if I should have written any snaps ;D.

  • 2.  RE: Connect Aruba 2530 switch series to Ubiquiti UDM-Pro

    Posted Jan 03, 2022 08:00 AM
    Hi, provided that, as you've already recognized, the Ubiquiti UDM Pro hardware appliance doesn't support the LACP (IEEE 802.3ad) link aggregation feature, you're basically forced to use at least (or, better, at most) one single link between the Switch where the UDM Pro will be connected and the Ubiquiti UDM Pro appliance.

    This link could be configured to allow (permit) one or more VLAN IDs over that single physical interface (and this feature is for sure supported on the Switch side because it's a very common VLAN-related feature): such an interface is often known as an interface operating in "Trunk Mode" (where the word "trunk" in this case doesn't mean the classic "Port Trunking" - link aggregation - feature as it historically is per Aruba 2530 ArubaOS-Switch operating system's jargon); if the Ubiquiti UDM Pro supports VLAN tagging you should be in a good position: you can then configure a UDM Pro Port as tagged member of VLAN 20 and - concurrently - as untagged member of VLAN this way that UDM Pro <- Link -> Switch Port is thus carrying (allowing) both VLAN 20 tagged packets and untagged packets (the latter could leave the Switch Port to UDM Pro Port and/or leave the UDM Pro Port to Switch Port as untagged but will remain exactly VLAN 100 tagged "internally" on each respective device). Remember that VLAN 100 - in this case - will be basically what is known as the Native VLAN ID or the Port VLAN ID of the port on the Switch; I don't know what name/function is used on the UDM Pro for that VLAN configuration, if any.

    At this point a 10Gbps port (SFP+ or Copper, if supported on both involved devices) is to be attention that Aruba 2530 doesn't support SFP+ capable port slots (so no 10Gbps, at best 1Gbps on SFP capable port slots).

    Davide Poletto

  • 3.  RE: Connect Aruba 2530 switch series to Ubiquiti UDM-Pro

    Posted Jan 03, 2022 03:35 PM

    Thanks for your support, Parnassus, as always! You have saved the day for me many other times in the past with your precious advice to other users!!!

    I will use a test switch trunk-connected with the main one (the trunk port is set with VLAN 1 untagged and all the others tagged).
    I thought to configure this switch in this way: port 1 for emergency connection, port 2 for trunk connection to the other switch (VLAN 1 untagged, 20 and 100 tagged); from 3 to 24 VLAN 20 tagged and 100 untagged.
    I intend to connect the 8 Giga-ports of the UDM-Pro from port 3 to 10, set the ports on the UDM-PRO to "all mode" (I think it's the Ubiquiti equivalent of the trunking in the Aruba-land) and assign VLAN 100 to the Wi-Fi network from the dedicated menu within the controller configuration (on the sandbox config this set-up worked fine).
    The DHCP is managed by the OPNSense firewall, and therefore, of course, I have already disabled this option from the UDM-Pro.
    I will connect the access points on the remaining ports. This is just a test as I obviously do not intend to attach them all on the same switch (for completeness of information there are 44 Cisco repeaters located on various locations and various switches). Theoretically, disconnecting the 2 Cisco controllers and connecting the UDM-PRO in this way, it should work. By setting the other switches with the same criterion (for each port where an access point is connected, VLAN 20 tagged and 100 untagged), the UDM-PRO should see all the access points scattered around the network... It must be said that the current Cisco configuration provides 8 LACP trunks on two separate switches (connected to the main switch of the star center), I do not know if the non-possibility of reconfiguring this scenario could give stability problems... but perhaps logically splitting the traffic on 8 trunk ports there should be no problems.

    Ultimately, to prevent the UDM-PRO from complaining about the absence of internet, I directly configured a WAN access to the WAN-ETH port (it is a multi-wan connectivity with an ip address pool).
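
The port plan discussed in this thread (edge ports with VLAN 20 tagged and VLAN 100 untagged, uplink with VLAN 1 untagged and 20 and 100 tagged) can be checked against a switch configuration before cut-over, so that no edge port is left untagged in the default VLAN. This is an added example, not part of any post in the thread; the configuration text is constructed in ArubaOS-Switch style and the function names are hypothetical.

```python
import re

# Constructed sample in ArubaOS-Switch running-config style (not from the thread).
SAMPLE_CONFIG = """\
vlan 1
   no untagged 3-23
   untagged 1-2,24
   exit
vlan 20
   tagged 2-24
   exit
vlan 100
   tagged 2
   untagged 3-23
   exit
"""

def expand_ports(spec):
    """Expand a port list such as '1-2,24' into ['1', '2', '24']."""
    ports = []
    for part in spec.split(","):
        m = re.fullmatch(r"(\d+)-(\d+)", part)
        # A single port or a name such as Trk1 is kept as written.
        ports += [str(p) for p in range(int(m[1]), int(m[2]) + 1)] if m else [part]
    return ports

def port_membership(config):
    """Return {port: {'untagged': vlan or None, 'tagged': set of vlans}}."""
    members, vlan = {}, None
    for line in config.splitlines():
        words = line.split()
        if len(words) == 2 and words[0] == "vlan" and words[1].isdigit():
            vlan = int(words[1])
        elif words == ["exit"]:
            vlan = None
        elif vlan is not None and len(words) == 2 and words[0] in ("tagged", "untagged"):
            for port in expand_ports(words[1]):
                entry = members.setdefault(port, {"untagged": None, "tagged": set()})
                if words[0] == "untagged":
                    entry["untagged"] = vlan
                else:
                    entry["tagged"].add(vlan)
    return members

def audit(config, ports, untagged, tagged):
    """List ports whose membership differs from the expected profile."""
    want = {"untagged": untagged, "tagged": set(tagged)}
    members = port_membership(config)
    return [p for p in ports if members.get(p) != want]
```

In the constructed sample, port 24 was left untagged in VLAN 1, so `audit(SAMPLE_CONFIG, [str(p) for p in range(3, 25)], 100, {20})` reports it as the one port that does not match the edge profile.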