Wired Intelligent Edge

 View Only
  • 1.  Streamline cppm logins across versions

    Posted Oct 29, 2024 06:05 AM

    Hi,

    Environment:

    I have 2 setups (6.10 and 6.12), 6.10 have a different credential for DUR, shared secret and tacacs secret, 6.12 carry another set of cred.

    Besides, I carry a mix of 2930s and 6x00s, Central gives you flexibility of adding DUR via gui, but not for 6x00s, so 6x00 is out of question here.

    Requirement:

    Now I want to migrate switches, aps and endpoints from 6.10 to 6.12, via central with minimal impact, I know a single cred across would have been good, but now that we are this stage, what would be the best method to migrate.

    With Central, I can add new radius servers (6.12) and update DUR creds for 2930, however I also need to update the new subnets for device groups in CPPM. How should I target this, to achieve this with minimal impact or outage.

    Cheers,



  • 2.  RE: Streamline cppm logins across versions

    Posted 11 days ago

    Any inputs on this?




  • 3.  RE: Streamline cppm logins across versions

    Posted 10 days ago

    You can create two accounts in ClearPass for role downloads (DUR); so that allows to use the old credentials and the new at the same time if you are ok having a different username as well.

    If the subnets are new, so not yet in ClearPass, you can do the same there. Just add them and from either the old or the new subnets the RADIUS requests are accepted.

    Once you moved over, you can remove the old account and old subnets from the ClearPass configuration.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------