Wireless Access

Reply
Highlighted
Occasional Contributor II

Migrate APs to different controller and change from tunnel to bridge mode

I have a campus with 24 AP-225 access points and a 7210 Mobility controller. The controller goes offline frequently and needs rebooting. In the error log I'm seeing "Hardware watchdog reset" and internal system errors relating to files. If a factory reset and reload of the firmware and config don't fix it, the other option I have is to use a controller at another site. I have 3 locations that are configured identically and connected via MPLS. At a high level, I am expecting the steps to be:

  • Transfer the AP licences to one of the other controllers (can I just copy the key from web interface?)
  • Reconfigure the switch ports to trunk all VLANs to each AP
  • Configure the controller at the remote site to support the APs in bridge mode

How do the APs get configured to register to the remote controller? Is there a DHCP option I can use?
If there are any major steps I'm missing, or any tips, links to resources to help me do this, or any advice anyone can share, that would be awesome! Thanks in advance.


Accepted Solutions
Highlighted
MVP Expert
MVP Expert

Re: Migrate APs to different controller and change from tunnel to bridge mode

Hi Feroscare,

 

  • When your 7210 reboots often, create a TAC case for that.
  • Licenses are bound to the hardware, to transfer licences go to https://lms.arubanetworks.com and choose "transfer", or call TAC. When choose transfer your current controller keep working but must set out of production after migration.
  • Your current controller can act as license server but must stay online.
  • To direct AP to a new controller there you can change the LMS IP in the AP System profile, all AP will reboot and connect to the second controller when it have licenses available. Be sure the AP Group name is exactly the same.
  • Second option is from the current controller choose re-provisioning and set the controller direction to the static IP of the new controller. That way your in control to move AP one by one.
  • DCHP/ADP Discovery is only for new AP and not necessary for re-provisioning far as i believe. Because LMS-IP is write into the AP flash by provisioning. But always a good thing to set to be sure. 

May i ask why you want bridge-mode? Tunnel-mode is strongly recommended. Bridge mode have many limitations. For example "captive-portal" will not work because it have to be dns re-directed on the firewall in the controller. And 802.1x will not work when the controller is down because 802.1x is always handled by the controller. 

 

For urgent matters i would recommend you to work with TAC support.

 

Kind Regards Marcel Koedijk
HPE ASE Flexnetwork | ACMP | ACCP | Ekahau ECSE Design - Was this post usefull, Kudos are welcome.

View solution in original post


All Replies
Highlighted
Super Contributor II

Re: Migrate APs to different controller and change from tunnel to bridge mode

If the licenses were configured on the controller, and you are not sharing them out with the centralized licensing on a controller other than this one, the licenses would be tied to that controller. You would have to re-host the licenses. You could work with TAC to do this, or attempt it in your ASP portal. 

 

You can use DNS or DHCP options to discover the controller for the APs, or you can pre-provision them. If you have Aruba Activate set up with the APs as well, you can have an activate rule that points the APs to the remote controller. 

 

Have you worked with Aruba TAC on this problem yet?

 

 

Dustin Burns
Senior Mobility and Access Engineer @WEI
ACMX #509 | ACCX #1272 | ACSA | ACDA | ACEA | CCNP | CCDP | CCNA Wireless

If my post address your queries, give kudos and accept as solution!
Highlighted
MVP Expert
MVP Expert

Re: Migrate APs to different controller and change from tunnel to bridge mode

Hi Feroscare,

 

  • When your 7210 reboots often, create a TAC case for that.
  • Licenses are bound to the hardware, to transfer licences go to https://lms.arubanetworks.com and choose "transfer", or call TAC. When choose transfer your current controller keep working but must set out of production after migration.
  • Your current controller can act as license server but must stay online.
  • To direct AP to a new controller there you can change the LMS IP in the AP System profile, all AP will reboot and connect to the second controller when it have licenses available. Be sure the AP Group name is exactly the same.
  • Second option is from the current controller choose re-provisioning and set the controller direction to the static IP of the new controller. That way your in control to move AP one by one.
  • DCHP/ADP Discovery is only for new AP and not necessary for re-provisioning far as i believe. Because LMS-IP is write into the AP flash by provisioning. But always a good thing to set to be sure. 

May i ask why you want bridge-mode? Tunnel-mode is strongly recommended. Bridge mode have many limitations. For example "captive-portal" will not work because it have to be dns re-directed on the firewall in the controller. And 802.1x will not work when the controller is down because 802.1x is always handled by the controller. 

 

For urgent matters i would recommend you to work with TAC support.

 

Kind Regards Marcel Koedijk
HPE ASE Flexnetwork | ACMP | ACCP | Ekahau ECSE Design - Was this post usefull, Kudos are welcome.

View solution in original post

Highlighted
Occasional Contributor II

Re: Migrate APs to different controller and change from tunnel to bridge mode

Thanks Dustin and Marcel for your advice. TAC were able to help me. As a temporary workaround they added 90 day temporary licences to a controller at a different geographical location. Bridge mode is desirable as we don't want the tunnelled traffic going over the WAN link to the other site, consuming bandwidth and placing an additional dependency on that site. However, it is currently working in tunnelled mode and as it is only a temporary solution we can probably live with the drawbacks of that, especially considering the additional complexity and possible issues associated with bridge mode.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: