You can launch the setup wizard using any PC or workstation that can run a supported Web browser.

The PC or workstation must either be configured to obtain its IP address using DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network. , or configured to have a static IP address on the 172.16.0.254/24 sub-network. The default IP address of the managed device is 172.16.0.254/24. Connect a PC or workstation to 0/0/1 port on the managed device, then enter this IP address into a supported Web browser to launch the Setup Wizard.

To run the Setup Wizard:

1. Connect your PC or workstation to 0/0/1 port on the managed device.

2. Make sure that the managed device is not connected to any device on your network.

3. Boot up the managed device.

4. On your PC or workstation, open a Web browser and connect to https://172.16.0.254/24.

5. The initial window of the Mobility Controller Setup Wizard asks you to select one of the following deployment modes. Select Standalone or Managed then click Continue.

Standalone Controller: This is the only controller on the network.

Managed Controller: This managed device will be managed by a Mobility Master.

Initial Setup on a Serial Port Connection

The serial port is located on the front panel (back panel in case of 7024 and 7008 controllers) of the managed device. You can start the Initial Setup dialog when you connect a terminal, PC or workstation running a terminal emulation program to the serial port on the managed device.

The serial port connection only allows you to configure the basic configuration required to connect the managed device to the network. The recommended browser-based configuration Wizard allows you to also install software licenses and configure internal and guest WLANs Wireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection.. If you use the Initial Setup dialog to configure the managed device, the browser-based Setup Wizard will not be available unless you reset the managed device to its factory default configuration.

To run the Initial full setup dialog from a serial connection:

1. Configure your terminal or terminal emulation program to use the following communication settings:

Table 1: Terminal Communication Settings

Baud Rate

Data Bits

Parity

Stop Bits

Flow Control

9600

8

None

1

None

2. Connect your terminal or PC/workstation to the serial port on the managed devices using an RS-232 serial cable. RJ-45 cable and DB-9 to RJ-45 adapter is required. You may need a USB Universal Serial Bus. USB is a connection standard that offers a common interface for communication between the external devices and a computer. USB is the most common port used in the client devices. adapter to connect the serial cable to your PC.

3. Boot up the managed device. After the managed device has booted up, you should see a screen similar to the following setup dialog for managed devices:

 

Auto-provisioning is in progress. Choose one of the following options to override or debug...

 

'enable-debug' : Enable auto-provisioning debug logs

'disable-debug': Disable auto-provisioning debug logs

'mini-setup' : Stop auto-provisioning and start mini setup dialog for smart-branch role

'full-setup' : Stop auto-provisioning and start full setup dialog for any role

 

Enter Option (partial string is acceptable):f

Are you sure that you want to stop auto-provisioning and start full setup dialog? (yes/no): y

Reading configuration from factory-default.cfg

 

4. (Applicable to managed devices using ZTP Zero Touch Provisioning. ZTP is a device provisioning mechanism that allows automatic and quick provisioning of devices with a minimal or at times no manual intervention.) enter f to invoke full-setup.

5. The Serial Port Configuration Dialog displays the configuration prompts. The prompts may vary, depending upon the switch role you choose. Enter the required information at each prompt, then press Enter to continue to the next question.

Table 2: Serial Console Configuration Dialog

Console Prompt

Description

Enter System Name

Enter a name for the managed device, or press Enter to use the default system name. You can specify a name of up to 63 characters.

Enter Switch Role,

(master|stand-alone|md)

Specify one of the following roles:

Master: This device is the 7200 Series controllers running as a master controller.

Stand-alone: This is the only self-managed controller on your network.

md: This device will be managed by a Mobility Master. You are prompted to specify the type of authentication to be used by the managed device. If you are configuring a managed device to use pre-shared key authentication to communicate with the Mobility Master, enter the IP address of the Mobility Master and the pre-shared key. If you are configuring a managed device to use certificate authentication, specify the MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. addresses of the Mobility Master.

IP type to terminate IPSec

tunnel

Specify if the IP type to which the IPsec Internet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. tunnels use to terminate. The IP types are IPv4 and IPv6.

Master switch IP address or FQDN Fully Qualified Domain Name. FQDN is a complete domain name that identifies a computer or host on the Internet.

Specify the IP or fully qualified name of the Mobility Master.

Is this a VPN Virtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two. concentrator for managed device to reach Master switch

Enter No. Most of the installations would not have a VPN Virtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two. concentrator installed.

NOTE: Enter Yes only if a VPN Virtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two. concentrator is installed in the network.

Master switch Authentication method

Provide a choice of PSKwithIP or PSKwithMAC.

If you choose PSKwithMAC, then the peer MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address value to be configured on a device for tunnel establishment is based on the platform type of the peer device. For more information on the type of MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address to be configured as peer MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address, see Peer MAC Address Configuration for PSK with MAC.

IPsec Internet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. Pre-shared Key

Security key for the IPsec Internet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. tunnel between the managed device and the Mobility Master, 6 to 64 characters.

Uplink Vlan Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. ID

Specify the VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. ID which is an integer. Value range- 1 to 4094

Uplink port

The value is not 1 or 0, value should be 1/0 or 0/0/0 or any port based on the managed device platforms.

Uplink port mode

Specify the port mode as either Access or Trunk. In trunk mode, a port can carry traffic for multiple VLANs Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN.. In access mode, the port forwards untagged packets received to the managed device and they appear on the configured access mode VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN..

Enter Native VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. ID [1]

Specify a particular vlan Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. to be configured as a native vlan Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN..

Uplink Vlan Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. IP assignment

method

Assign manually the IP addressing of the uplink or via DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network. .

Uplink Vlan Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. Static IP

address

The managed device takes its IP address from VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. 1 and uses this IP address to communicate with other managed devices and with APs. Enter an IPv4 VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. 1 interface IP address, or press Enter without specifying an IP address to use the default address 172.16.0.254/24.

Uplink Vlan Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. Static IP

netmask Netmask is a 32-bit mask used for segregating IP address into subnets. Netmask defines the class and range of IP addresses.

Enter an IPv4 VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. 1 interface IP subnet Subnet is the logical division of an IP network. mask, or press Enter without specifying an IP address to use the default address 255.255.255.0.

IP default gateway Gateway is a network node that allows traffic to flow in and out of the network.

This is usually the IP address of the interface on the upstream switch or router to which you will connect the managed devices. The default gateway Gateway is a network node that allows traffic to flow in and out of the network. and the VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. 1 IP address need to be in the same network. Enter an IPv4 gateway Gateway is a network node that allows traffic to flow in and out of the network. IP address, or press Enter to continue without specifying an IP gateway Gateway is a network node that allows traffic to flow in and out of the network..

DNS Domain Name System. A DNS server functions as a phone book for the intranet and Internet users. It converts human-readable computer host names into IP addresses and IP addresses into host names. It stores several records for a domain name such as an address 'A' record, name server (NS), and mail exchanger (MX) records. The Address 'A' record is the most important record that is stored in a DNS server, because it provides the required IP address for a network peripheral or element. IP address

IP address of the DNS Domain Name System. A DNS server functions as a phone book for the intranet and Internet users. It converts human-readable computer host names into IP addresses and IP addresses into host names. It stores several records for a domain name such as an address 'A' record, name server (NS), and mail exchanger (MX) records. The Address 'A' record is the most important record that is stored in a DNS server, because it provides the required IP address for a network peripheral or element. server.

IPV6 address on vlan Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN.

IPv6 address of the managed device.

Do you want to configure

port-channel (yes|no) [no]

Specify if you want to configure the port-channel. LACP Link Aggregation Control Protocol. LACP is used for the collective handling of multiple physical ports that can be seen as a single channel for network traffic purposes. will be configured on port

members with port-channel ID as LACP Link Aggregation Control Protocol. LACP is used for the collective handling of multiple physical ports that can be seen as a single channel for network traffic purposes. group ID.

Enter Port-channel ID [0]

Specify the port-channel ID.

Uplink Vlan Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. Static IPv6

address

The managed device takes its IP address from VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. 1 and uses this IP address to communicate with other managed devices and with APs. Supported subnets Subnet is the logical division of an IP network. are: Global Unicast: 2000::/3, Unique local unicast: fc00::/7

Enter an IPv6 VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. 1 interface IP address, or press Enter without specifying an IP address to use the default address 2000::1.

Uplink Vlan Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. interface IPV6

prefix length

Enter a value from 0 to 128 to define an IPv6 VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. 1 interface IP prefix length, or press Enter without specifying a prefix length to use the default value of 64.

IPv6 default gateway Gateway is a network node that allows traffic to flow in and out of the network.

This optional value is usually the IP address of the interface on the upstream switch or router to which you will connect the managed device. The default gateway Gateway is a network node that allows traffic to flow in and out of the network. and the VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. 1 IP address need to be in the same network. Enter an IPv6 gateway Gateway is a network node that allows traffic to flow in and out of the network. IP address to configure this setting, or press Enter to continue without specifying an IP gateway Gateway is a network node that allows traffic to flow in and out of the network..

Country code

If your managed device has a country code that restricts its usage, enter yes to confirm this code.

Time Zone

Enter the time zone for the managed device, or press Enter to select the default time zone.

Time in UTC Coordinated Universal Time. UTC is the primary time standard by which the world regulates clocks and time.

Enter the current time in UTC Coordinated Universal Time. UTC is the primary time standard by which the world regulates clocks and time. format, or press Enter to select the default time.

Date

Enter the current date, or press Enter to select the default date.

Password for admin login

Enter a password to allow the admin user to login to the WebUI, CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. and console interfaces. This password can be up to 32 alphanumeric characters long.

Re-type password for

admin login

Confirmation for the admin login password

6. At the end of the Initial Setup, you are asked to review and confirm your configuration changes. Enter y to accept the changes. The managed device reboots.

 

If you want to complete optional configuration options (e.g. disabling spanning tree or installing software licenses) before connecting the managed device to the network, refer to the ArubaOS 8.7.0.x User Guide for additional information on configuration.