ArubaOS 8.9 Series - Part 3 - Controller Cluster and AP Configuration
HTML-код
- Опубликовано: 8 сен 2024
- Description: In this video we are going to have a look on how to turn the previously installed virtual mobility controllers into a controller cluster and then bring up some access points and create an employee wireless 802.1x network with the use of ClearPass and also make Change of Authorization (CoA) work on the controller cluster.
⏰Timestamps:
00:07 Overview and network diagram
01:24 ClearPass Access Tracker CoA (1)
01:39 ClearPass Access Tracker CoA (2)
01:48 AOS8 Configuration Hierarchy
05:03 Exceptions to overrides
05:17Firewall visibility and DPI
05:55 Create controller cluster
15:00 Bring up access points by using option 43 DHCP
17:12 Add first WLAN using 802.1x and RADIUS CoA
21:37 Recap
Thank for your ArubaOS 8.9 series. However if you've times, please add additional series for 8.9 about AAA and related to role, policy.
I have added this to the todo list
Great video series. Appreciate your effort.
Absolutely a great video series. IMO this is the best education Aruba provides. Anyway you would be able to add RAP configuration?
Thanks, currently busy with AOS10 video's but RAP can be done in a future video.
good job, this is a great series.
Hello. Thanks for this video. It explains easily how to cluster and the steps are very clear. I have a question about the configuration of the fourth VRRP VIP. At 13:18 you suggest that we need this fourth VIP for the access points to connect to the controllers. Why do we not use one of the VIPs created during clustering for this purpose?
nice lession
Hi John, thank you for the awesome video, quick question, the VRRP IP is used for the APs to connect to the VMC cluster and the CoA IP as a NAS device's IP in ClearPass right ?
Yes, each controller has it's own VRRP instance and is master for that instance and that is used to send the CoA to
can you please add video about guest internal captive portal ? thankyou
Hi, in the video you configure CoA ips and vrrp ip, which ip should I register on my CPPM ?
thanks for these explanations, I have a question conecernat the cluster license.
I see there are 3 MDs and 30 AP licenses and depending on the cluster each controller will support 10 Aps. If an MD fails, you can have the same number of licenses ?
License are always centralized and installed on the Mobility Conductor and each controller will take whatever it needs.
Hello, I would like to ask about the icon of the topogram.
Where to download?
I have a question, ap is showing up but radios down, continuosly rebooting ap, ap down reason is unlicensed , but we have equal no of license ap, prf, RFP licence , please let us know the what might be the reasons for this showing unlicensed
The reason is that you did not installed the licenses correctly or you did not enable the license bit correctly. Watch the video on how to do that.
it is possible to add an existing controller cluster that has configuration to a mobility conductor?
That is not the preferred method but you can give it a try.
Nice video. CoA VRRP IP, how is it different from if configure the physical IP address of the controller as NAS-IP in Radius server config on the controller? If we use CoA VRRP IP, NAS CLIENT IP address will CoA VRRP IP on the radius server right?
VRRP is used to be able to follow a wifi user from one controller to the other in case the controller goes down. The physical IP address in this case would also go down and the CoA will then fail and with VRRP if follows the user to the backup controller and CoA keeps on working.
@@jcmschaap In HPE ACMP press book, called this, authorization with ASI (Authorization Server Interaction)
@@sarawutleelatwatanakul4856 Yes, you are 100% correct. It has been a long time ago when I did my ACMX exam and back then we did not have controller clusters 😃
Can we deploy a VMC in standalone mode? if yes, what licenses we will need to install in it? the license portal prompt that the MC-VA-1k license is not compatible with the LAP license.
Yes you can and you need at least a MC-VA-xx license and the number of LIC-AP to cover for how many AP"s you want. Optionally you also need LIC-PEF and LIC-RFP for the number of AP's that you have.