Link Search Menu Expand Document
calendar_month 07-Mar-24

Migration of Mobility Controllers/Gateways

In AOS 8, the Mobility Controller provides many services that have been moved to Central in AOS 10. To reflect the change in functionality and to better describe the role of the appliance, the name has been changed to Gateway. The two names often are used interchangeably; however, for AOS 10, the correct terminology is Gateway.

Zero Touch Provisioning

Zero Touch Provisioning (ZTP) is a fast, convenient way to onboard a new or existing Gateway into Central without requiring configuration from the installer. Successful ZTP requires the Gateway to be connected to a switchport configured with an untagged VLAN that provides DHCP addressing and Internet access. Any port on a Gateway except GE 0/0/1 can be used for ZTP.

Depending on how the Gateway is deployed or connected to the LAN, ZTP can be performed over a WAN port, uplink port, or a dedicated staging port. A dedicated staging port can be used to onboard a Gateway in situations where the management VLAN will be 802.1Q tagged on the Gateway uplink, the Gateway is connected using LACP trunks, or DHCP services are not available. After a Gateway is provisioned and configured by Central, the Gateway can be configured to use a desired uplink port(s).

Note: When a Gateway is provisioned using ZTP, the ZTP port configuration and VLAN are learned by Central and applied to the Gateway as a device level override. The ZTP staging port can be disabled as part of the pushed configuration by Central or removed post provisioning, if required. A Gateway’s actual uplink ports can be connected pre-provisioning or post-provisioning as needed.

Provision the Gateway

Step 1 To monitor the ZTP process, connect to the serial console port on the Gateway and power on the Gateway. After booting, the initial provisioning screen is presented:

Note: You can view the full ZTP exchange by typing *enable-debug* in the setup screen before connecting the Gateway’s ZTP port to the switchport.

Step 2 Connect a ZTP-capable port on the Gateway to a switchport configured with an untagged (access) VLAN that provides DHCP and Internet access. All ports on the Gateway support ZTP except GE 0/0/1.

image-20230204165402792

Step 3 After receiving a DHCP response, the Gateway resolves the Activate FQDN and communicates with Activate for provisioning:

  • If the Gateway is new and has not been previously provisioned, Activate will push a Central-enabled firmware upgrade and reboot the Gateway.
  • Activate provisions the Gateway with the FQDN for the assigned Central instance.

Step 4 After booting to a Central enabled firmware and being provisioned with the FQDN, the Gateway can communicate with Central.

Step 5 The firmware version defined in firmware compliance for the Group is enforced and an upgrade is pushed if necessary. After the upgrade is complete, the Gateway reboots.

Step 6 The Gateway initializes using the specified AOS 10 version, contacts Central for configuration, based on the Central’s assigned device configuration.

Step 7 After the configuration is applied successfully, the Gateway is up and operational in Central using the staging port or the configured uplink port(s).

Static Activate

Static activate is a one touch provisioning (OTP) option used to provision a Gateway that requires static addressing or PPPoE authentication. The OTP process requires the installer to use a serial console port or web browser to supply minimum information to the Gateway to permit initial communication with Activate and Central. The use of a web browser requires a computer to be connected to the Gateway on the GE 0/0/1 Ethernet port, which provides a DHCP address for local access.

The available configuration options vary by release when using OTP. A new Gateway shipped from the factory currently is loaded with a version of AOS 8 that permits provisioning over PPPoE WAN links or an untagged VLAN but does not support provisioning a new Gateway over an 802.1Q tagged VLAN or an LACP trunk. Gateways already upgraded to AOS 10 support provisioning using 802.1Q tagged VLANs and/or LACP trunks.

Note: Static Activate requires pre-staging Gateway device configuration, such as hostname, IP address, default gateway, and System-IP, in Central before initial provisioning. None of the OTP configuration is learned by Central during the initial provisioning process.

Serial Console

Step 1 Connect to the serial console port on the Gateway and power on the Gateway. After booting, the initial provisioning screen displays:

Step 2 Type “static-activate,” then press ENTER to start the process. Choose the options appropriate for the required uplink type (“static” or “pppoe”), then provide the required information. The example shows a statically configured IP address:

Step 3 After initial provisioning is complete, the Gateway resolves the Activate FQDN and communicates with Activate for further provisioning:

  • If the Gateway is new and has not been provisioned, Activate pushes a Central-enabled firmware upgrade and reboots the Gateway.
  • Activate provisions the Gateway with the FQDN for the assigned Central instance.

Step 4 After booting to a Central-enabled firmware and provisioning with the FQDN, the Gateway can communicate with Central.

Step 5 The firmware version defined in firmware compliance for the Group is enforced. An upgrade is pushed if necessary. After the upgrade is complete, the Gateway reboots.

Step 6 The Gateway initializes using the specified AOS 10 version, then contacts Central for configuration based on assigned Central device configuration.

Step 7 After configuration, the Gateway is up and operational in Central.

Web-UI

Step 1 Connect a computer to the GE 0/0/1 Ethernet port on the Gateway. An IP address will be offered by DHCP in the 172.16.0.0/24 network. Open a web browser and navigate to https://172.16.0.254, proceeding past the warning for the invalid SSL certificate:

Step 2 Select By connecting to activate/central, then click Next:

Step 3 Select Static IP Address or PPPoE as the connection method. Enter the required information. The example below provisions a Gateway to use the GE 0/0/0 port and a static IP address; a Gateway running AOS 10 has additional options for a trunk port and port-channel:

Step 4 Verify that the information is correct then click Deploy and Reboot.

Step 5 After the initial provisioning is complete, the Gateway resolves the Activate FQDN and communicates with Activate for further provisioning:

  • If the Gateway is new and has not been previously provisioned, Activate pushes a Central-enabled firmware upgrade and reboots the Gateway.
  • Activate provisions the Gateway with the FQDN for the assigned Central instance.

Step 6 After booting to a Central-enabled firmware and provisioning with the FQDN, the Gateway can communicate with Central.

Step 7 The firmware version defined in firmware compliance for the Group is enforced and an upgrade pushed if necessary. After the upgrade is complete, the Gateway reboots.

Step 8 The Gateway initializes using the specified AOS 10 version and contacts Central for configuration based on the assigned Central device configuration.

Step 9 After the configuration is applied successfully, the Gateway is up and operational in Central.


Back to top

© Copyright 2024 Hewlett Packard Enterprise Development LP. The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. Aruba Networks and the Aruba logo are registered trademarks of Aruba Networks, Inc. Third-party trademarks mentioned are the property of their respective owners. To view the end-user software agreement, go to Aruba EULA.