Network Management

Reply
Occasional Contributor I

ZTP Setup/Default VLAN

I've read some of the documentation, but I am not entirely sure I see the best way to get ZTP setup in our environment. 

 

We have both AirWave (w/ Activate) and iMC -- the switches we would mainly be using ZTP with is 2530's (possibly 2920's). Which is the preferred platform/method?

 

Also, regarding the default VLAN 1 is this the only VLAN that can be used with ZTP? I couldn't find anything related to this in the documentation. I did read that entering config mode breaks ZTP, and setting up a seperate VLAN and adding it to the switch kinda defeats the purpose of ZTP. VLAN 1 is currently being used in minor capacity in our environment (without DHCP). 

Frequent Contributor I

Re: ZTP Setup/Default VLAN

As far as I know the 2530 is not supported by Airwave/Activate ZTP because it does not have a TPM chip. So I think IMC is your only option.

MVP Expert
MVP Expert

Re: ZTP Setup/Default VLAN

Hi,

 

2530 is supported with central nowadays. Central uitilizes activate. So that must be supported too. ZTP with airwave is also available by using DHCP.

Instead of using a key from a TPM, RFC 7030 for encryption key enrollment is used.

 

Airwave is the platform of the future for all Aruba products, allthough feature parity is not there yet.

 

With IMC, you can connect new switches to a port, untagged in a different VLAN. This will work, although the switches might complain about PVID missmatches, detected by LLDP. (new Switch uses VLAN 1 untagged, existing switch a different one) This can be used to get the switches into initial contact with IMC. Within ZTP process you should afterwards assign a configuration with right VLAN settings.

 

Not sure about AirWave. Maybe you can put the right VLAN into an DHCP option? Someone else with more AirWave Knowledge should take over... ;-)

 

Regards, Jö

 

Please give kudos, if you like my post.
Please Accept as solution, if my post was helpful.
Occasional Contributor I

Re: ZTP Setup/Default VLAN

Hey Jo,

 

Thanks for the reply -- this got me on the right track,and it did eventually work through iMC ADP with a 2530. Using DHCP options 66/67 on a VLAN other than 1. There were some complaints about a PVID mismatch, but that didn't see to cause any issues. I'll hold off on looking into Airwave for now -- as we manage all of our switches through IMC.

 

From my experience I'd recommend making sure the onfiguration editor line.For example, ; J9773A Configuration Editor; Created on release #YA.16.04.0008 -- is accurate for your device, and that the final config you are pushing to you device doesn't have any lines that wouldn't be recognized for any reason. I had a line in the final config to remove the public snmp address, but the public community no longer existed after the initial config. Seems if any one line is off the whole process fails, and looking at the switch logs it flags the configuration as corrupt.

 

Regards,

 

B

MVP Expert
MVP Expert

Re: ZTP Setup/Default VLAN

Hi B,

 

great, that it worked for you :-)

 

Your experience is not just a recommendation, it is a must.

The ASOS switches validate config files, if these were written for the right platform...

This can be a nightmare for ZTP (at least in iMC).

Don't remember how that was to set, but you can write that line in a way, that it works for a whole family (like all 2930F model/J-numbers).

Sadly: If you configure switches in a stack, that line changes...

 

This is from a 2920 Stack:

; hpStack_WB Configuration Editor; Created on release #WB.16.04.0009

 

Very sad, if your initial config would work for a bunch of switch families. Just because of that validation you may have to provide different "initial config files".

 

Regards, Jö

Please give kudos, if you like my post.
Please Accept as solution, if my post was helpful.
Highlighted
Occasional Contributor I

Re: ZTP Setup/Default VLAN

Hey jo,

 

Thanks again for your help.

 

I did stumble on something that you are talking about while trying to figure this out. It may help someone else. There is a generic header you can use that works only when using DHCP option 66/67. You can bypass the J number by using IGNORE immediately after the number:

 

; J9019B IGNORE Configuration Editor; Created on release #RA.15.17.0008

 

I used this on my initial config, and it worked atleast on a 2530 (J9773A). Some trouble I ran into was trying to use the IGNORE option in my final config that does not work.

 

Reference:

 

http://h22208.www2.hpe.com/eginfolib/networking/docs/switches/K-KA-KB/15-18/5998-8160_ssw_mcg/content/ch06s14.html

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: