Cloud Managed Networks

 View Only
last person joined: yesterday 

Forum to discuss all things related to HPE Aruba Networking Central and UXI Network Management, including deployment of managed networks, configuration, best practices, APIs, Cloud Guest, AIOps, Presence Analytics, and other included Applications
Expand all | Collapse all

New APs coming up as Virtual Controller (VC)

This thread has been viewed 35 times
  • 1.  New APs coming up as Virtual Controller (VC)

    Posted Jul 31, 2024 01:37 PM

    Setting up AP-635s on new Aruba Central Cloud and they keep coming up as a VC.  I have another AP plugged into the same provisioning switch, but on a different vlan.  How do I prevent new APs from booting up as VC?  Do I need to unplug other APs even if they are on a different vlan?



  • 2.  RE: New APs coming up as Virtual Controller (VC)

    EMPLOYEE
    Posted Jul 31, 2024 10:08 PM

    if you are using instant AP firmware, the first AP on a subnet/VLAN always comes up as VC.

    if you want all the IAPs to join the same cluster then they must be on the same subnet/VLAN



    ------------------------------
    If my post was useful accept solution and/or give kudos.
    Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
    ------------------------------



  • 3.  RE: New APs coming up as Virtual Controller (VC)

    Posted Aug 01, 2024 09:26 AM

    What mode do you want or would you expect the APs to come up with?

    If you want to upgrade to AOS10, just let them come up and upgrade them later. For Instant mode (AOS8) what ariyap mentioned is correct and APs in different VLANs will form separate clusters with one VC per VLAN.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 4.  RE: New APs coming up as Virtual Controller (VC)

    Posted Aug 01, 2024 11:58 AM
    I would like them to come up as a standalone AP, not VC.  I am running AOS10.  There's got to be a setting somewhere in the default group to control this.






  • 5.  RE: New APs coming up as Virtual Controller (VC)

    EMPLOYEE
    Posted Aug 01, 2024 08:04 PM

    The AOS10 APs should not show VC at all. If they do the may be these are  brand new APs that still do not have AOS10, thats why they come up as instant APs till they get upgraded to AOS10. So you can set firmware compliance for that group to automatically upgrade them to AOS10.



    ------------------------------
    If my post was useful accept solution and/or give kudos.
    Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
    ------------------------------



  • 6.  RE: New APs coming up as Virtual Controller (VC)

    Posted Aug 01, 2024 09:35 PM
    Yeah, they were shipped with aos8 and the compliance is set to have them update to 10.  I found that if I give them enough time, they eventually reboot to 10 and are no longer VC.  Wierd. 

    Wm. Wayne DuBose
    Network Administrator

      (936) 633-5330
      3500 S 1st Street 
          Lufkin, TX 75904






  • 7.  RE: New APs coming up as Virtual Controller (VC)

    EMPLOYEE
    Posted Aug 01, 2024 10:01 PM

    ok thats what I had expected to happen. but the UI should refresh fast after the new AP is now upgraded to AOS10.

    But it won't impact operations, it will be a AOS10 AP. 



    ------------------------------
    If my post was useful accept solution and/or give kudos.
    Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
    ------------------------------



  • 8.  RE: New APs coming up as Virtual Controller (VC)

    Posted Aug 05, 2024 10:16 AM

    I have run into issues with this.  The APs will come up as a VC and then other APs will join them (installing multiple 655 APs at once).

    The issue is the APs that are part of the cluster will not upgrade to AOS10 and will be stuck (haven't tested this in months).  It becomes a pain to get them removed from central management so that I can manually upgrade them.

    Here is what I have done to prevent this issue.  I use CX switches and use clearpass for authentication on all ports.  I let LLDP do a device auth for all new APs and block all internal communication so that the APs can not form a cluster.  I then update the port config once the devices are upgrade to AOS10

    class ip all
        10 match any any any
    class ip dhcp-server
        10 match udp any any eq dhcp-server
    class ip dns
        10 match udp any any eq dns
    class ip rfc1918
        10 match any any 192.168.0.0/255.255.0.0
        20 match any any 10.0.0.0/255.0.0.0
        30 match any any 172.16.0.0/255.240.0.0
    class ipv6 all
        10 match any any any
    port-access policy deny-internal
        10 class ip dns
        20 class ip dhcp-server
        30 class ip rfc1918 action drop
        40 class ipv6 all action drop
        50 class ip all
    port-access lldp-group AP-LLDP-GROUP
         seq 20 match vendor-oui 000b86 
         seq 30 match vendor-oui D8C7C8 
         seq 40 match vendor-oui 6CF37F 
         seq 50 match vendor-oui 186472 
         seq 60 match vendor-oui 749E75 
         seq 70 match vendor-oui A85BF7 
         seq 80 match vendor-oui DCB7AC 
         seq 90 match vendor-oui 6CC49F 
         seq 100 match vendor-oui 482F6B 
         seq 110 match vendor-oui D04DC6 
         seq 999 match sys-desc ArubaOS
    port-access role ARUBA-AP
        associate policy deny-internal
        auth-mode device-mode
        vlan access 2
    port-access device-profile ARUBA_AP
        enable
        associate role ARUBA-AP
        associate lldp-group AP-LLDP-GROUP


     




  • 9.  RE: New APs coming up as Virtual Controller (VC)

    Posted Aug 13, 2024 03:22 PM

    How I have gotten around this is I let the APs join the cluster because the firmware compliance set to 10.x does not seem to work all of a sudden where we get an error message now saying

    So I let all APs join the cluster, I disable firmware compliance and I then I manually upgrade the VC to 10.x and all the APs upgrade. 

    Seems to be working this way....



    ------------------------------
    Aruba Partner Ambassador ACMP, ACDP, ACCP, ACEP
    ------------------------------



  • 10.  RE: New APs coming up as Virtual Controller (VC)

    Posted Aug 15, 2024 04:24 PM

    Set the Firmware compliance in the Group and select the desired AOS10 firmware version. sometime you have to disable and enable the firmware compliance if its not working properly, simply restart the process :). if not you can do it manually.



    ------------------------------
    Harendra
    ACEX165
    ------------------------------