Hello
I got a question
We need to migrate switches that are doing tunnel mode from one gateway that is not on aruba central and not managing aps to a gateway that is on aruba central managing aps
The tunnel carry all the users that are doing 802.1x. Everything related ro thw user roles comes from the clearpass, then roles goes to the switches and finally the swirches send the roles to the gateway
The change looks really simple but i would like to check anyways
Gateway with without aruba Central i will call it Gateway A
Gateway with managed by aruba central i will call it Gateway B
What i would need to do is
1- Create all the roles related to tunnels that the gateway A has on the gateway B
2- Change the ip address of the tunnels from the gateway A to Gateway B for example
tunneled-node-server
controller-ip 172.16.6.3 // IP of the Gateway A
mode role-based
exit
To
tunneled-node-server
controller-ip 172.16.7.2 // IP of the Gateway B
mode role-based
exit
3- All the lines that are like this
tunneled-node-server-redirect secondary-role "yyyyyy"
Are the roles that i have to configure on the Gateway B, and well those are the ones i need to pay attention
4- Gateway A is on aruba OS8 and Gateway B is on Aruba OS 10 is there is any issue with this??
The ther thing i wanted to ask is that if the client manage the switches through the aruba central he just can manage it with templates? he will no longer see the web gui ?
The client does not want to loose hise web gui so this is really important.
The last thing to ask is that the order for all this should be
1-create the roles on gateway B
2-Change the tunneled node server
3-finnally add the switches to aruba central on monitor mode? if he want to stay with this web gui?
Let me know if this is correct or i need to change something? or im missing anything? do i need to check for the Fimrware of all the switches to see if aruba central support it?