How I have gotten around this is I let the APs join the cluster because the firmware compliance set to 10.x does not seem to work all of a sudden where we get an error message now saying
So I let all APs join the cluster, I disable firmware compliance and I then I manually upgrade the VC to 10.x and all the APs upgrade.
Seems to be working this way....
------------------------------
Aruba Partner Ambassador ACMP, ACDP, ACCP, ACEP
------------------------------
Original Message:
Sent: Aug 05, 2024 10:15 AM
From: Mflowers@beta.team
Subject: New APs coming up as Virtual Controller (VC)
I have run into issues with this. The APs will come up as a VC and then other APs will join them (installing multiple 655 APs at once).
The issue is the APs that are part of the cluster will not upgrade to AOS10 and will be stuck (haven't tested this in months). It becomes a pain to get them removed from central management so that I can manually upgrade them.
Here is what I have done to prevent this issue. I use CX switches and use clearpass for authentication on all ports. I let LLDP do a device auth for all new APs and block all internal communication so that the APs can not form a cluster. I then update the port config once the devices are upgrade to AOS10
class ip all 10 match any any anyclass ip dhcp-server 10 match udp any any eq dhcp-serverclass ip dns 10 match udp any any eq dnsclass ip rfc1918 10 match any any 192.168.0.0/255.255.0.0 20 match any any 10.0.0.0/255.0.0.0 30 match any any 172.16.0.0/255.240.0.0class ipv6 all 10 match any any anyport-access policy deny-internal 10 class ip dns 20 class ip dhcp-server 30 class ip rfc1918 action drop 40 class ipv6 all action drop 50 class ip allport-access lldp-group AP-LLDP-GROUP seq 20 match vendor-oui 000b86 seq 30 match vendor-oui D8C7C8 seq 40 match vendor-oui 6CF37F seq 50 match vendor-oui 186472 seq 60 match vendor-oui 749E75 seq 70 match vendor-oui A85BF7 seq 80 match vendor-oui DCB7AC seq 90 match vendor-oui 6CC49F seq 100 match vendor-oui 482F6B seq 110 match vendor-oui D04DC6 seq 999 match sys-desc ArubaOSport-access role ARUBA-AP associate policy deny-internal auth-mode device-mode vlan access 2port-access device-profile ARUBA_AP enable associate role ARUBA-AP associate lldp-group AP-LLDP-GROUP
Original Message:
Sent: Aug 01, 2024 11:57 AM
From: wdubose
Subject: New APs coming up as Virtual Controller (VC)
I would like them to come up as a standalone AP, not VC. I am running AOS10. There's got to be a setting somewhere in the default group to control this.
Original Message:
Sent: 8/1/2024 9:26:00 AM
From: Herman Robers
Subject: RE: New APs coming up as Virtual Controller (VC)
What mode do you want or would you expect the APs to come up with?
If you want to upgrade to AOS10, just let them come up and upgrade them later. For Instant mode (AOS8) what ariyap mentioned is correct and APs in different VLANs will form separate clusters with one VC per VLAN.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
Original Message:
Sent: Jul 31, 2024 01:37 PM
From: wdubose
Subject: New APs coming up as Virtual Controller (VC)
Setting up AP-635s on new Aruba Central Cloud and they keep coming up as a VC. I have another AP plugged into the same provisioning switch, but on a different vlan. How do I prevent new APs from booting up as VC? Do I need to unplug other APs even if they are on a different vlan?