Link Search Menu Expand Document
calendar_month 07-Mar-24

Switch Group Configuration

The following procedures configure a Central switch group with the base features required for all switches in the network. Repeat this procedure for each switch group in the network.

Group-level configured features include the host name, admin account password, Network Time Protocol (NTP), Domain Name System (DNS), Terminal Access Controller Access Control System (TACACS), and Authentication, Authorization, and Accounting (AAA) servers.

Table of contents

Configure the UI Group Settings

Use this procedure to configure group settings for switches. An HPE GreenLake account is required in order to access Aruba Central.

Note: Best practice is to use the fewest groups necessary to provide logical organization for the network and consistent configuration between devices. Configuration cannot be shared among groups.

Step 1 Login to HPE GreenLake and launch Aruba Central.

Step 3 In the filter dropdown, select a switch group. In this example, the group is CP-RSVCORE.

Step 4 On the left menu, select Devices.

Step 5 In the upper right of the Switches page, select Config.

Step 6 In the System tile, select Properties.

Step 6 On the Edit Properties page, assign the following settings, then click Save. Set the VRF to the default network where DNS and NTP will be reachable. Enter a complete IP address to make the + (plus sign) appear for adding additional servers.

  • Contact: Network operations
  • Location: Santa Clara, CA
  • Timezone: Los Angeles (UTC-8:00)
  • VRF: Management
  • DNS servers:,
  • NTP servers:,
  • Administrator username: admin (static)
  • Administrator password: password

Step 7 In the Security tile, select Authentication Servers.

Step 8 Mouse-over the TACACS row. At the far right, click the Edit (pencil) icon.

Step 9 At the top right corner of the TACACS Servers table, click the + (plus sign), assign the following settings on the Add TACACS page, then click Apply.

  • FQDN or IP address:

  • Authentication Port: 49 (default)

  • VRF: Management

  • Shared secret: secret

  • Timeout (secs): 5 (default)

Step 10 Add additional servers by clicking the + (plus sign) on the top right corner of the TACACS Servers table. After all servers are added, click Save.

Add Switches to the Group

Use this procedure to assign switches to groups and synchronize initial configuration.

Step 1 In the filter dropdown, select the Global group. On the left menu, select Organization.

Step 2 Select the Groups tile.

Step 3 Expand the > default Group section.

Step 4 Select the switches to be moved.

Step 5 In the lower right corner of the default Group table, begin the switch move by clicking the Move button.

Step 6 Select the appropriate destination switch group for the selected switches, then click Move.

Step 7 Confirm the move on the devices view of the destination group.

Configure the Switch Hostname

Step 1 In the filter dropdown, select the destination group from the preceding step. On the left menu, select Devices.

Step 2 Click the Device Name of a recently added switch. On the left menu, select Device.

Step 3 In the System tile, click Properties.

Step 4 In the Name field, enter a hostname for the switch.

Step 5 Repeat this procedure for each switch in the Group.

Create a Template Group

Occasionally a configuration template is used to initialize the network devices to be onboarded to Central. This is accomplished by adding the new device to a Template Group. A configuration template and variables file are then associated with the group and applied to each device added to the group.

For detailed instructions on how to create a template and custom variables, consult the Creating a Configuration Template for Gateways section of the Central online help.

Configure the Template Group

Use this procedure to create a template group.

When using a template group to configure core switches, consider creating a template group for each core switch because they have unique IP address on each interface and a single template is difficult to maintain with a long list of variables.

Step 1 Navigate to Central and login using administrator credentials.

Step 2 On the Aruba Central Account Home page, launch the Network Operations app.

Step 3 On the left navigation pane in the Maintain section, select Organization.

Step 4 On the Groups page in the Manage Groups section, select New Group.

Step 5 On the Create New Group page, assign the following settings, then click Add Group.

  • GROUP NAME: CORE1-Template
  • SWITCH: checkmark
  • PASSWORD: password
  • CONFIRM PASSWORD: password

Note: The password enables administrative access to the device’s interface. This password is used as the login password for all the devices in the group, but it is not the enable password. The same password can be used across multiple groups.

Add Switches to a Template Group

Step 1 On the Groups page, in the Manage Groups section, drag the unassigned core switch from the left side to the template group on the right side.

Step 2 At the top left, go to Global > Groups. In the Groups list, select CORE1-Template.

Step 3 On the left menu, select Devices, then select Switches.

Step 4 On the Switches List page in the top right, click Config.

Step 5 On the Switches Template section in the top right, click the + (plus sign).

Step 6 On the Add Template window in the BASIC INFO section, assign the following settings, then click Next.

  • Template Name: 8400-Core1
  • Device Type: Aruba CX
  • Model: 8400
  • Part Name: (ALL)
  • Version: 10.06

Step 7 In the TEMPLATE section, select Import Configuration as Template. Select 8400-C1-1, then click Save.

Step 8 On the left menu, go to Devices > Switches > List, and verify that the Config Status is “In sync”.

Back to top

© Copyright 2024 Hewlett Packard Enterprise Development LP. The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. Aruba Networks and the Aruba logo are registered trademarks of Aruba Networks, Inc. Third-party trademarks mentioned are the property of their respective owners. To view the end-user software agreement, go to Aruba EULA.