Cloud Managed Networks

 View Only
last person joined: yesterday 

Forum to discuss all things related to HPE Aruba Networking Central and UXI Network Management, including deployment of managed networks, configuration, best practices, APIs, Cloud Guest, AIOps, Presence Analytics, and other included Applications
Expand all | Collapse all

Aruba Switches Periodically Disconnecting From Central

This thread has been viewed 18 times
  • 1.  Aruba Switches Periodically Disconnecting From Central

    Posted Jul 08, 2024 04:20 PM

    This is only happening at one of the sites we manage. Every month and a half or several, I'll look the site up in Central and see red. The 2930F switches have disconnected. All I need to do to fix the issue is open a direct CLI to them locally, 'disable/enable' Aruba Central, and they're back on-line. I'm just wondering why it keeps happening and figured someone here might have an idea, before I contacted TAC. These are the only devices at the site registered to Central. I just added an AP, but didn't bother registering it.

    Looking at it with an Account Tech Rep, I thought I'd found something interesting. 'Error 5222 - TLS Connection Error'. I couldn't find anything flagged on our firewall or other perimeter control systems, so it shouldn't be on our end. Not much reference to that error anywhere online, either. The odd thing, though, is that now that the switches are reconnected to Central, that error persists in the log every 5 minutes or so. So is it a direct cause? I don't know.

    I welcome your thoughts!



  • 2.  RE: Aruba Switches Periodically Disconnecting From Central

    Posted Jul 09, 2024 04:47 AM

    Based on that is is just on one site, I'd suspect the firewall/router/other stateful security device. If a firewall loses track of a connection or NAT entry, packets belonging to that connection may be dropped and the connection effectively stops. It may be that the switch does not detect that situation and just keeps on trying. If you disable/enable Central from the switch, you pull down the connection, and start it again.

    If you can do a packet capture on your firewall, you may see this behavior. The (tcp) session inactivity timers may need to be increased to get around this. Does this site have a different firewall, or configuration?

    It may also help if you upgrade the switch firmware to a recent version, if you have not done that yet. It may be that this situation has been addressed, but no guarantees.

    If your firewall does not drop the traffic, please reach out to Aruba TAC.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------