Webinar Q&As
Q1: Do I need 2 PAID licenses for the Mobility MAster to do an HA setup?
No, we do not need any additional license to do a HA setup. But we need the regular AP License to activate the APs, optionally if we need to use Firewall Rules we need PEFNG license and if we need to use RF Protect features, such as spectrum analysis and Wireless Intrusion Protection (WIP) we need RF Protect License.
It is not mandatory to have PEFNG and RF Protect license if you are not going to use those respective features.
In 8.x MM License, AP license and VMC License (If MD is a Virtual Machine) to do a HA setup but we would not be able to make use of the firewall and RF protect features.
Q2: I have a question here- Is there no need to buy additional PEFNG & RF license??\
It is not mandatory to have PEFNG and RF License if we are not interested in Firewall Rules and if we do not need to use RF Protect features, such as spectrum analysis and Wireless Intrusion Protection (WIP)
Prior 6.x only AP license is sufficient for bringing up AP active and broadcast a network.
Form 8.x we need AP license, MM license and VMC license (If MD is a Virtual Machine). If MD is a hardware we do not need VMC license.
In 8.x if we are going to use standalone setup we need only AP license and we do not need MM and VMC license for standalone hardware controller.
Q3: does this mean that if I have 100 AP licenses en 50 PEF licenses, only 50 AP's will work?
Yes, you are correct.
Q4: To achieve MM Redundancy is it possible to buy 1 MM License (Virtual) and install 2 virtual instances of MM with this one license??
For MM redundancy we do not need any license. The MM license are required only to terminate the devices (MD or AP) to MM. Once you have MM license installed on one MM it should be shared by the Secondary MM.
Q5: Will it work to have 100 AP licenses and 100 PEFNG and no RF Protect?
Yes, we can activate AP and broadcast network only with AP and PEFNG license. When we do not have RF protect license we might not be able to use RF Protect features, such as spectrum analysis and Wireless Intrusion Protection (WIP)
Q6: Where the customer can get the Evaluation licenses?
We can get the Evaluation license from our sales account team.
Q7: Is there a way to get rid of the Eval licenses so that you do not see them on the Controller after they have expired?
Yes, but this is not possible from the customer end. TAC has the privilege to do it by resetting the license database by logging in to the backend of the controller. But this requires a downtime.
Q8: Must the AP-License and the PEF-License the same Qty. on a controller?
Yes, if you are using AP-License and PEF-License, the count of license must be same. Else the least count would be considered and we would be only able to activate the APs matching to least count.
Q9: 100 ACR licenses are gonna be AP/ location specific? or anyone can use this in WLAN spanning across multiple sites?
This license enables ArubaOS Advanced Cryptography (ACR) features. ACR license is required for each active client termination using Suite-B algorithms or protocols. Since it is centralized licensing it not going to be AP/ Location specific. Anyone can use this in WLAN who are part of the Licensing pool.
Q10: Do we need the ACR License to terminate an IKE VPN (Remote AP) with AES Encryption?
No, we do not need the ACR License to terminate an IKE VPN (Remote AP) with AES Encryption.
Q11: for example: if I have 100 ACRs. how will I allot this license to my target client or user session
100 ACR license accommodates 100 active client termination using Suite-B algorithms or protocols.
Q12: can the MM terminate APs? I think no
You are correct, we cannot terminate APs on MM.
Q13: Hello, regarding the ACR licence, which is counted on a client base: can we have on the same wireless network some clients working with advanced cryptography and clients working without cryptography - those clients being connected at the same time through the same access point?
Yes, we can.
Q14: Does the PEFV also replace the PEFNG license? Will user-roles be enabled for non-VPN users with just the PEFV?
No, PEFV does not replace the PEFNG license. The user-roles cannot be customized for the non-VPN users with just the PEFV license. For any user-role modification/ customization, PEFNG license is a must.
Q15: Hi, Is it need PEF license if I want to manage user roles? Without application visibility and traffic management.
Yes, PEF license is mandatory to manage user roles and apply firewall restriction to the users.
Q16: on point 6 on slide 13, should that say 'cannot get an IP address'?
It actually “can get an IP address” but after getting ip address the AP will not be active due to insufficient license.
Q17: does the MM license replace the AP, PEFNG and RFP licenses?
No, MM license is additionally added from 8.x along with AP, PEFNG and RFP.
Q18: Question 2: MM licenses are going to be Equal to controllers connected to it + AP licenses?
Yes, that is correct.
Q19: I would like to connect 7 APs to the controller without additional functionality. Can only 7 AP licences be used?
Yes, 7 AP license should be sufficient if it is a standalone controller.
Q20: what is the use of AP licenses then, if I have to add an additional license to bring the AP up?
If we do not use any additional functionality we do not need an additional license. Only AP License is sufficient. If we need to make use of additional features we need to match the count of the other license like PEFNG and RFP as per the design.
Q21: Do you have a way to prioritize the MM Licence to be attributed to MD and not AP? In case we are short of licences that all MD will be connected
No, we do not have a straight forward option to prioritize. But by using a customized license pool we can block a set of license to a specific pool and we can make use of it to terminate MD.
Q22: What is the difference between VMC-TACT and VMC-TACT8 licenses?
Need to check with the corresponding team. Answers to be shared by Sep 5th.
Q23: MM-VA-50 and MM-VA-500, will it add up to 550 and work as one system (licensing)?
Yes, it will add up to 550 and work as one system.
Q24: Hi, I have a question concerning the Care Packs for the licenses. There are FC24x7 1/3/4/5y for LIC-AP, LIC-PEF... available. You told that these licenses are perpetual licenses that never expire. Why do I need these CarePacks?
Need to check with the corresponding team. Answers to be shared by Sep 5th.
Q25: can a MM-VA-5k license be run on to separate systems using only 2500 on each system?
No, MM-VA-5k got to run on one system and cannot be split between two MM controllers.
Q26: in the scenaria, the AP connects to MD2 without enough license, can this scenario's occur? because the license is installed on de MM. so if AP change to MD1 to MD2, no extra license is used I think? because the knowlegde is on the MM?
It is possible when we use customized licensing pool. Consider the AP on MD 1 on License pool 1 moves to MD 2 with license pool 2. In this case, the licenses are blocked for specific pool and this scenario may occur.
Q27: what is the procedure to regenerate existing licenses? ex. from release 6.x to 8.x?
Slide 35 to 40 contains the procedure.
Q28: Again: If I would like to install 2 virtual machines of MM do I need to purchase two licenses?
To install 2 Virtual Machines as MD we need 2 MM licenses alone. But if you need to install APs on it we need. But to bring up Primary MM and Secondary MM we do not need any license.
MM License=2MM+No of APs to be used
VMC License=No of APs to be used
Q29: If I want to install 2 virtual machines of VMC do I need to purchase two licenses?
To install 2 Virtual Machines as MD we need 2 MM licenses alone. But if you need to install apps on it we need. But to bring up Primary MM and Secondary MM we do not need any license.
MM License=2MM+No of APs to be used
VMC License=No of APs to be used
Q30: what is the best practise for following scenario : presales has foreseen 6.x license for 7210 controller. But we want to go immediately to 8.x. do we have first register de 6.x license on the controller with release6.x , than migrate the license from 6.x to 8.x , upgrade the controller to 8.x, install the 8.x license. or could we migrate the 6.x license to 8.x without registration first the 6.x license. Because with the migration tool you have to full in the S/N of the controller. but was not yet register.
Need to check with the corresponding team. Answers to be shared by Sep 5th.
Q31: One of our clients is running some 100.000 licences - I am afraid it takes ages to complete such a migration. Is there any "short way" possible?
Sales Accounts team should help us on this.
Q32: When upgrading from 6.x to 8.x do you receive all licenses required using the License Transfer tool? Or do you need to purchase any additional licenses? Let's say for example for a simple environment with 2 controllers with 16 AP licenses and 16 PEF licenses.
Along with the 6.x licenses, we need MM(Mandatory) and VMC(optional) license for 8.x migration.
Q33: Can the MM be installed with a license in several VMware instances? And.. a separate license is required for backup MM?
All the license can be installed on MM expect box specific license. The same licenses can be used by several VMware instance configured as MD who are part of the MM domain. We do not need a separate license for backup MM.
Q34: Is the WebCC license necessary to use applications / application categories in firewall policies or is it just necessary to RATE the apps....
No, WebCC license in not necessary to use application/ application categories in firewall rules. WebCC is used for Web content classification and categorization.
Q35: can one specific domain then only use AP licenses, and another specific pool can use AP + PEV licenses for example?
Yes, we can.
Q36: how about switches? what licenses are needed?
For switches, we do not have the data at the moment.
Q37: Can we migrate from 6.x to 8.x ( Master / local setup ) without any additional license?
We need an additional license called MM along with the existing license that is available in 6.x controllers.