If my post was useful accept solution and/or give kudos.
Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
Original Message:
Sent: May 25, 2023 04:54 PM
From: MoJoPBS
Subject: 2930F Web socket Connection Failed Aruba Central
I'll give that a shot using wire shark. We have checked the firewall, no luck. Do you know if curl utility on the switch can be configured to skip the SSL cert validity check, or if Aruba has some way of refreshing the built-in "cacert" file for the on-board curl utility?
Original Message:
Sent: May 25, 2023 11:01 AM
From: Herman Robers
Subject: 2930F Web socket Connection Failed Aruba Central
You may run a packet capture and if you are lucky can see the used certificates and possibly the certifcates in use. But if you have not done that before, it may be better to work with your Aruba partner or Aruba support.
Some firewalls do SSL inspection, which basically breaks SSL and requires changes to each of your clients. If your firewall (possibly) performs SSL inspection/decryption, turn it of for traffic from your switch or traffic going to Aruba Central.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
Original Message:
Sent: May 17, 2023 10:59 AM
From: MoJoPBS
Subject: 2930F Web socket Connection Failed Aruba Central
Paige, the switch did randomly start connecting to aruba-central for about 9 hours, then it completely disconnected and went back to the same original issue. I have been doing some research on SSL certificate but can't find any information pertaining to the switch and certificates with aruba-central. Do you have any further information about the SSL?
Original Message:
Sent: May 15, 2023 04:25 AM
From: Paige Bailey
Subject: 2930F Web socket Connection Failed Aruba Central
The error message "SSL negotiation failed with status = -7629" indicates that the device is having trouble establishing a secure connection with the Aruba Central server. This could be caused by a number of issues, including incorrect firewall settings or an issue with the device's SSL certificate.
You have already checked the firewall settings, so the next step would be to verify the SSL certificate. Make sure that the device's SSL certificate is valid and matches the certificate configured on the Aruba Central server. If there are any mismatches or errors, you may need to update the SSL certificate on the device or on the server. MyGeorgiaSouthern
If the SSL certificate is not the issue, you could try restarting the device and checking the configuration settings to ensure that they are correct. If the problem persists, you may need to contact Aruba support for further assistance. Please check this if it can help..
Original Message:
Sent: May 12, 2023 11:34 AM
From: MoJoPBS
Subject: 2930F Web socket Connection Failed Aruba Central
2930F is not connecting to Aruba Central. In the logs it states:
W 05/12/23 10:22:54 05232 central: SSL negotiation failed with status = -7629.
I 05/12/23 10:22:54 05235 central: Websocket connection failed. Config channel
is not established. Retry after 60 seconds.
I have added the foundation license, and aruba-central enable, and activate provision force. I have checked all firewall settings, however I could have missed something. Any help would be greatly appreciated as I'm quite new to Aruba Central.
Some more information:
Server URL : https://device-uswest4.central.arubanetworks.com/ws
Connected : No
Mode : NA
Last Disconnect Time : NA
Server DNS Lookup : Success
Proxy Server DNS Lookup : NA
Error Reason : TLS generic error (code: -7629)
Configuration and Status - Activate Provision Service
Activate Provision Service : Enabled
Activate Server Address : devices-v2.arubanetworks.com
Activation Key : ********
Time Sync Status : Time sync from SNTP server
Activate DNS Lookup : Success
Proxy Server DNS Lookup : NA
Activate Connection Status : Success
Error Reason : NA
Override Default Config Check : Disabled