Wired Intelligent Edge

last person joined: yesterday 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Back to discussions
Expand all | Collapse all

Device Profiles Tutorial for CX switches

This thread has been viewed 155 times

  • 1.  Device Profiles Tutorial for CX switches

    EMPLOYEE
    Posted Jul 01, 2020 06:38 AM
      |   view attached

    Here is a short technote to demonstrate "Device profile" feature for CX 6200/6300/6400 switches. Device profile was a popular feature in AOS-S switch like 2930F/M and the aim of the feature is to automatically discover the key devices that are connected to the switch port using LLDP/CDP and to enable automatic configuration of the switch ports in which they are connected without the need for authentication.

     

    This technote will demo device profile feature for when an Aruba AP is connected dynamically changing switch port configuration for

    • PoE Priority
    • Trunk mode
    • Native VLAN
    • Allowed VLAN
    • QoS Trust boundary

    Hope you’ll find it useful and as always please send through your feedback for improvements.

    Attachment(s)

    pdf
    Device Profiles with Aruba CX.pdf   683 KB 1 version


  • 2.  RE: Device Profiles Tutorial for CX switches

    Posted Sep 17, 2021 08:45 AM
    Hello
    doesn't work for me. Please Help

    I wannt that if the user connects a telephone with vendor oui 00940, it should be automatically moved in vlan 100 for example.
    I have configured with the Tutorial but doesn't work. The telephones always stay in native Vlan 1.
    i don't know what am I doing wrong.Please Help

    my config

    Role Profile"

    sw-arb01#
    port-access role Phone_role
    description agfeo IP Phone-group
    poe-priority high
    trust-mode dscp
    vlan trunk native 1
    vlan trunk allowed 100

    "lldp Profile"

    sw-arb01#
    port-access lldp-group Phone_group
    seq 10 match vendor-oui 000940

    "associate Role and lldp profile with Device Profile."

    sw-arb01#
    Port-access device-profile Phone_prof
    enable
    associate role Phone_role
    associate lldp-group Phone_group

    end


    sh run from Switch

    sw-arb01# sh run
    Current configuration:
    !
    !Version ArubaOS-CX PL.10.08.0001
    !export-password: default
    hostname sw-arb01
    clock timezone europe/amsterdam
    ntp server 10.10.xx.xx iburst
    ntp server pool.ntp.org minpoll 4 maxpoll 4 iburst
    ntp enable
    !
    !
    !
    !
    ssh server vrf default
    vlan 1
    vlan 100
    name Voice
    voice
    spanning-tree
    port-access lldp-group Phone_group
    seq 10 match vendor-oui 000940
    port-access role Phone_role
    description agfeo IP Phone-group
    poe-priority high
    trust-mode dscp
    vlan trunk native 1
    vlan trunk allowed 100
    port-access device-profile Phone_prof
    enable
    associate role Phone_role
    associate lldp-group Phone_group
    interface 1/1/1
    no shutdown
    vlan access 1
    interface 1/1/2
    no shutdown
    vlan trunk native 1
    vlan trunk allowed 107

    Thx and regards


    ------------------------------
    David Lawson
    ------------------------------

    Original Message


  • 3.  RE: Device Profiles Tutorial for CX switches

    EMPLOYEE
    Posted Sep 17, 2021 09:09 PM
    few questions to help narrow it down.
    do your phones support LLDP and is the LLDP OUI vendor correct?
    what version of firmware are you running on CX switch?
    also try the following show commands
    • sh port-access device-profile
    • sh lldp nei de
    • sh port-access device-profile interface all


    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba.
    ------------------------------

    Original Message


  • 4.  RE: Device Profiles Tutorial for CX switches

    Posted Sep 22, 2021 02:12 PM
    Hello

    please see below my answer.

    -Aruba 6100 m with os Version ArubaOS-CX PL.10.08.0001
    -Agfeo ip phone

    I want the phone to be automatically moved in the predefined vlan 100.

    I did it with lldp protokol but does not work. I did it with mac group doesn't work.
    the phone stays always in vlan 1. Please help.

    ----Configuration with lldp Proticol-----

    swicht# vlan 100
    voice

    port-access lldp-group Phone_group
    seq 10 match vendor-oui 000940

    port-access role phone_role
    description agfeo
    poe-priority high
    trust-mode dscp
    vlan access 100

    port-access device-profile Phone_prof
    enable
    associate role phone_role
    associate lldp-group Phone_group

    Telephone connected to switch, alway in Vlan1

    -----configuration with Mac group-----

    swicht# vlan 100
    voice

    mac-group mac-group1
    seq 10 match mac 00:XX:XX:XX:XX:XX

    port-access role phone_role
    description agfeo
    poe-priority high
    trust-mode dscp
    vlan access 100


    port-access device-profile profile01
    enable
    associate mac-group mac-group1
    associate role phone_role


    ----Telephone connected to switch, alway in Vlan1----

    -sh port-access device-profile

    Profile Name : profile01
    LLDP Groups :
    CDP Groups :
    MAC Groups : mac-group1
    Role : phone_role
    State : Enabled

    -sh lldp nei de
    phone is not displayed.

    # sh port-access device-profile interface all
    No device-profile clients found.

    I do not know what I'm doing wrong

    please Help me.

    my question

    i dont know if the phone support lldp protocol or not, but if not, should mac group profil work or not?


    I do not know what I'm doing wrong. please help
    Thx and regards

    ------------------------------
    David
    ------------------------------

    Original Message


  • 5.  RE: Device Profiles Tutorial for CX switches

    EMPLOYEE
    Posted Sep 24, 2021 06:51 AM
    looks like your phones dont support LLDP.  so the MAC group match should work
    please reach out to TAC so you can resolve this issue in timely manner.

    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba.
    ------------------------------

    Original Message


  • 6.  RE: Device Profiles Tutorial for CX switches

    Posted Aug 17, 2023 04:02 AM

    Is there way to use this feature to override a port config for an already pre-configured port? For example we currently have an AP installed that is bridged traffic and the ports are trunk, we want to auto-update the ports to access once we install the new AP. Or if we already have one type of device on it and we unplug it and plug in a different one, can it switch the port over? I tested it with one device and it seems like the port configuration has higher priority than the port-access device-profile. I was wondering if there is an additional option to override whatever config is on that port.


    Original Message