Wireless Access

Reply
Guru Elite

Re: Automatic provisioning of APs


@meaganmargaret wrote:

What about the local-userdb-ap?  I can't add APs that way?


The local-userdb-ap is only for Remote APs.  There is also a control plane security whitelist that will admit/deny campus access points to your network, but it it will not rename them or put them into groups.

 

Do you have many access points and many groups that this needs to be done to?

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: Automatic provisioning of APs

What about this command:   whitelist-db cpsec add mac-address

 

So, here's what I'm trying to do:

 

I found out that I can remotely rename and regroup an AP, even when it's offline, IF it is found in the database.  This allows me to add APs offline, remotely, at almost any time, and when they finally attach to the network, those commands trigger, and the AP is put in the right group with the correct name.  BUT, it doesn't work if the AP is not in the database.

 

So, I'm trying to figure out if there is any way to add the AP into the database before it attaches to the network, using any kind of command or import.

Occasional Contributor II

Re: Automatic provisioning of APs

Yes, about 300

Guru Elite

Re: Automatic provisioning of APs


@meaganmargaret wrote:

What about this command:   whitelist-db cpsec add mac-address

 

So, here's what I'm trying to do:

 

I found out that I can remotely rename and regroup an AP, even when it's offline, IF it is found in the database.  This allows me to add APs offline, remotely, at almost any time, and when they finally attach to the network, those commands trigger, and the AP is put in the right group with the correct name.  BUT, it doesn't work if the AP is not in the database.

 

So, I'm trying to figure out if there is any way to add the AP into the database before it attaches to the network, using any kind of command or import.


There is not a way to do this before the access point attaches to the network.  The cpsec whitelist does not allow you to specify a name or group.

 

More often than not, if you have an ap-group that most of your access points will be in anyway, you configure your expected WLAN settings to the default ap-group;  In that way, all new access points will come up, receive that configuration, start serving clients, and you can provision the names and ap-groups at a later time...

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: Automatic provisioning of APs

Okay, you're not understanding me, quite.

 

First of all, it's an existing network, and it's important to configure these as quickly as possible, given that they are replacing existing in production APs.

 

Here's what I'm asking:  can I add the mac address using that command, then....much later,  use the ap-rename and ap-regroup commands, and again much later, plug the AP into the network and make sure it gets the name and the group correctly.

 

NOTE:  I am not trying to do this all at once.  The only thing I'm asking about right now is if I can add the mac address via the whitelist command, such that later on, I can use a dfferent command to name it and group it.

Guru Elite

Re: Automatic provisioning of APs


@meaganmargaret wrote:

Okay, you're not understanding me, quite.

 

First of all, it's an existing network, and it's important to configure these as quickly as possible, given that they are replacing existing in production APs.

 

Here's what I'm asking:  can I add the mac address using that command, then....much later,  use the ap-rename and ap-regroup commands, and again much later, plug the AP into the network and make sure it gets the name and the group correctly.




You cannot use the ap-group or ap-rename commands with serialnumber or wired mac address, unless the access point (the new one replacing the old one) has contacted the controller.  This is because the wired mac address OR the serialnumber of the replacing access point would have had to contact the controller, before you run that command.  The entry into the AP database would not have been created if the new access point never contacted the controller.  If that didn't happen, you would not be able to run the ap-rename with serialnumber or mac address command..

 

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: Automatic provisioning of APs

ok, thanks

Frequent Contributor II

Re: Automatic provisioning of APs

Can't you just modify the default profile? I do some thing similar so as to put any erroneous APs into a air monitor state. Just ideas :)
Occasional Contributor II

Re: Automatic provisioning of APs

Hi _ I wanted to see if there are any updates to this behavior. I need to change 1000 AP's across 15 buildings and wont be able to change the default group after a building is done and before they move to the next.  So ideally I would configure all AP's with AP-group & name before they are deployed. Code is 6.5.1

Contributor I

Re: Automatic provisioning of APs

For the record, we use the cpsec whitelist exclusively to name and group APs.  It's a very effective way of pre-provisioning APs.  We've been doing it for a few years (at least since 6.3, now on 6.5).

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: