Cloud Managed Networks

 View Only
last person joined: yesterday 

Forum to discuss all things related to HPE Aruba Networking Central and UXI Network Management, including deployment of managed networks, configuration, best practices, APIs, Cloud Guest, AIOps, Presence Analytics, and other included Applications
Back to discussions
Expand all | Collapse all

Howto: Monitor-only mode for ArubaOS-Switches (AOSS)

This thread has been viewed 39 times

  • 1.  Howto: Monitor-only mode for ArubaOS-Switches (AOSS)

    Posted Apr 30, 2022 09:25 PM

    Overview

    Aruba Central allows you to add AOS-S switches to UI groups in the monitoring-only mode, for monitoring, reporting, and troubleshooting.
    (From https://www.arubanetworks.com/techdocs/central/latest/content/nms/aos-switch/get-started/sw-monitor-mode.htm.)

    It is especially useful for these scenarios:
    • it allows you bring in a switch without making any config changes, or losing any settings
    • you are migrating to Central and cloud management, and you want an interim step
    • switches with complex custom configs
    • external management tools (like Ansible) are used to manage configuration, but the switches still need to be included in Central
    • you want to include 5400R chassis switches in the Central environment, but you are not keen on template-based management.

    Preparation

    Licenses

    From the GreenLake Common Cloud, complete the following:
    1. Add each switch serial and MAC address
    2. Assign the appropriate Central cluster "application"
    3. Attach a subscription suitable for the switch


    Group Creation

    1. Create a new group (click on the green plus in the right corner of the Groups box). I called mine SSC-Lab-Monitor to highlight it was for monitor-only mode switches
    2. Click Next, Select AOS-S only and Monitoring only. Click Add.
    3. Check that the group has the correct settings:
    4. (Optional) If you can already see the switches listed in the Unprovisioned devices group, move then into the new monitor group.

    Switch Setup

    Make required changes so that the switch can communicate with Central. This may include:
    • removing restrictions for Aruba-central
    • removing restrictions for Activate
    aruba-central disable
activate software-update disable
activate provision disable​

    • Setup proxy
    proxy server "http://10.20.30.2:3128"​

    Switch in Central

    Initial Checks

    The switch may have already started to communicate with Central. If not, you can initiate the process with
    activate provision force​


    Check progress with
    show aruba-central
show event -r​


    Ensure that the new switches listed in the Unprovisioned devices group are moved into the new monitor group.

    Viewing switches with monitor-only in Central

    In this view there are 3 x 5400R switches, 2 in monitor mode, and one managed with templates (marked with "In sync").

    Looking at a monitor-mode 5400R: note the lack of Device under LAN, because configuration within Central is not possible.




    Remote console also works, giving you CLI access via the cloud!

    Other Features

    Firmware

    It is easy to manage switch firmware in Central, including for monitor-only switches.
    From the left menu, choose Firmware, and proceed the same as for any other switch.

    Config Backups

    Collecting a config from a monitor-only switch is also, but it has to be initiated manually - no automatic config collection.

    1. Select the monitor-only switch
    2. From the left menu, choose Tools
    3. From the ribbon at the top, choose Commands > Device Type = Switch > Categories = Configuration > Commands = Show Running Configuration
    4. Add the command to Selected Commands, and click RUN.
    5. View the device output and copy to clipboard or email/FTP as required.


    ------------------------------
    Richard Litchfield
    Airheads MVP 2020, 2021, 2022
    ------------------------------