Thank you for answer, Jochem.
Yes - this is a IAP management problem, reaching 100-110 AP+ in a single VC.
Also if I want to separate i.e. 40 345 AP's for conference, in a zone - and some different SSID's available there, than the rest of offices and rooms in a hotel, together with a general guest SSID and vlan for the whole installation.
Rumors are that there will be a MAC address thing coming along, so we can profile devices in a ClearPass "light" thingy dingy :-)
Only solution for now is to hand code every port on every switch. :-(
Original Message:
Sent: Sep 15, 2023 05:03 AM
From: Jochem Knoben
Subject: Device profile Switches and Aruba IAP
Hi,
the device profile is LOCAL to each switch - and there you do define what's the untagged and what are the tagged vlans for AP-uplink ports.
Of course, there can be only one profile on a single switch.
Thus you need to group your switches reflecting the RF-overlap of AP's - and group1 will make use of AP-mgmt-vlan1 as untagged and group2 will make use of AP-mgmt-vlan2 as untagged in the local device-profile.
For each new switch, you need to decide to which group of switches that one will belong....
Note: the tagged (client) vlans can be the same in all device-profiles, so when clients do roam between those two areas, the client would not need to change its IP@.
Hope this helps
/Jochem
Original Message:
Sent: Sep 14, 2023 04:23 AM
From: jan.jorgensen@netnordic.com
Subject: Device profile Switches and Aruba IAP
Hi.
How do I get around device profile when reaching clusters of 120+ accespoints, and want to differentiate IAP management Vlan?
I'm getting more and more networks with more than 150+ accespints and have used device profile on switches for quick safe and sound configuration of ports to accespoints.
- Now, installations get saggy, and unsynchronized access points as there are too many units for VC to handle.
- This will unfortunately at this point bring all IAP's in the same Vlan as soon as switch recognize it on a port.
Do I have to trash the device profile and manually configure every port to get around this = 150 + ports and customers won't pay for this of course :-(
Thanx in advance.