How does MAS and Aruba activate integration work
Answer- The article apples to MAS 7.3 and above
Following is the workflow of MAS and Aruba activate integration work.
1. MAS posts it's MAC, serial number, part number to device.arubanetworks.com using HTTPS (443)
2. It also post all subordinate devices (if it is a stack, primary posts this mentioning it's member- devices)
3. And current FW version
4. Aruba Activate authenticates MAS device via device TPM certificate.
5. Aruba Activate should determine if the MAC, serial number are:
- In shipped status
- Assigned to a customer
- Customer has enabled service
- Customer has setup a rule
6. If device meets all above criteria then send back provisioning information:
- AMP IP
- AMP group
- Shared secret
Note: Use Provisioning-Rule-Type "MAS to Airwave“ to configure AMP-IP, shared-secret, AMP-group/folder details on Activate.
7. Aruba Activate updates the device records
- Last seen : Time stamp. It can be used for debugging incase any issues.
- FW version : Including the subordinate MAS devices (stack-members)
- Source IP : Helpful in determining location
8. MAS in-turn contacts AMP with above details again using HTTPS POST to obtain the config. If it is contacting for the first time, device gets “Registered” on the AMP. Then AMP pushes config.
Note: Before that AMP to be pre-provisioned with “golden-config” for that group which all subsequent devices would download automatically.