You are here: Home > CLI Commands > Just_CLI_Topics > cluster-member-ip

cluster-member-ip

cluster-member-ip <ip-address>

ipsec <key>

Description

This command sets the Mobility Master as a CPsecControl Plane Security. CPsec is a secure form of communication between a controller and APs to protect the control plane communications. This is performed by means of using public-key self-signed certificates created by each master controller. cluster root, and specifies the IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. key for a cluster member.

Syntax

Parameter

Description

<ip-address>

Switch IP address of a CPsecControl Plane Security. CPsec is a secure form of communication between a controller and APs to protect the control plane communications. This is performed by means of using public-key self-signed certificates created by each master controller. cluster member. You can also use the IP address 0.0.0.0 to set a single IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. key for all cluster members.

ipsec <key>

Configure the value of the IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. key for secure communication between the cluster root and the specified cluster member. The key must be between 6-64 characters.

Usage Guidelines

The Mobility Master operating as the cluster root will use the CPsecControl Plane Security. CPsec is a secure form of communication between a controller and APs to protect the control plane communications. This is performed by means of using public-key self-signed certificates created by each master controller. feature to create a self-signed certificate, then certify it’s own managed devices and APs. Next, the cluster root will send the certificate to each cluster member, which in turn certifies their own managed devices and APs. Since all managed devices and APs in the cluster get their certificates from the cluster root, they will all have the same trust anchor, and the APs can switch to any other managed device in the cluster and still remain connected to the secure network.

Issue the cluster-member-ip command on the Mobility Master you want to define as the cluster root to set the IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. key for secure communication between the cluster root and each cluster member. Use the IP address 0.0.0.0 in this command to set a single IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. key for all member managed devices, or repeat this command as desired to define a different IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. key for each cluster member.

Once the cluster root has defined an IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. key for all cluster members, you must access each of the member managed devices and issue the command cluster-root-ip to define the IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. key for communication to the cluster root.

Example

The following command sets the managed device on which you issue command as a root managed device, and adds the managed device172.21.18.18 as a cluster member with the IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. key ipseckey1:

(host) (config) #cluster-member-ip 172.21.18.18 ipsec ipseckey1

Related Commands

Parameter

Description

control-plane-security

Configure the CPsecControl Plane Security. CPsec is a secure form of communication between a controller and APs to protect the control plane communications. This is performed by means of using public-key self-signed certificates created by each master controller. profile.

show cluster-config

Show the multi-master cluster configuration for the CPsecControl Plane Security. CPsec is a secure form of communication between a controller and APs to protect the control plane communications. This is performed by means of using public-key self-signed certificates created by each master controller. feature.

show cluster-switches

Issue this command on a Mobility Master using CPsecControl Plane Security. CPsec is a secure form of communication between a controller and APs to protect the control plane communications. This is performed by means of using public-key self-signed certificates created by each master controller. in a multi-master environment to show other managed devices to which it is connected.

Command History

Release

Modification

ArubaOS 8.0.0.0

Command introduced.

Command Information

Platforms

License

Command Mode

All platforms

Base operating system.

Config mode on managed devices.

/*]]>*/