Legal Disclaimer: The resource assets in this website may include abbreviated and/or legacy terminology for HPE Aruba Networking products. See www.arubanetworks.com for current and complete HPE Aruba Networking product lines and names.
Configuring Configuration Audit Properties
HPE Aruba Networking Central provides an audit dashboard for reviewing configuration changes for the devices provisioned in UI and template groups. The page is available for APs, switches, and gateways.
The Configuration Audit page and the auto commit feature is available for Foundation and Advanced licenses for APs, switches, and gateways.
Viewing the Configuration Audit Page
To view the
page, complete the following steps:- For APs:
- In the WebUI, set the filter to a group that contains at least one AP.
The dashboard context for the selected group is displayed.
- Under , click > .
- Click the
The tabs to configure access points are displayed.
icon. - Click
The Configuration Audit details page is displayed.
, and click the tab.
- In the WebUI, set the filter to a group that contains at least one AP.
- For HPE Aruba Networking switches:
- In the WebUI, set the filter to a group that contains at least one switch.
The dashboard context for the selected group is displayed.
- Under , click > .
- Click the
The tabs to configure switches are displayed.
icon. - Click
The Configuration Audit details page is displayed.
.
- In the WebUI, set the filter to a group that contains at least one switch.
- For HPE Aruba Networking gateways:
- In the WebUI, set the filter to a group that contains at least one Branch Gateway.
The dashboard context for the selected group is displayed.
- Under , click > .
- Click the
The tabs to configure gateways are displayed.
icon. - Click
The Configuration Audit details page is displayed.
, and click the tab.
- In the WebUI, set the filter to a group that contains at least one Branch Gateway.
Applying Configuration Changes
HPE Aruba Networking Central supports a two-staged configuration commit workflow for APs and switches. HPE Aruba Networking Central now supports the auto commit feature at a group level. When the auto commit state is enabled for a group, the configuration changes are instantly applied to all devices where auto commit state is enabled.
In the
page of the group, the section allows administrators to switch their preference for committing configuration changes to the devices within the group.- To enable auto commit, click . When the auto commit state is enabled for a group, the configuration changes are instantly applied to all devices where auto commit state is enabled.
- To disable auto commit, click . When the auto commit state is disabled for a group, you can build the configuration and save it on cloud. Subsequently, you can review the configuration and then commit the configuration to all devices within the group.
HPE Aruba Networking Central resets the auto commit state when a device moves to another group. The device inherits the auto commit state of the group to which the device is moved.
When the auto commit
state is disabled for a group, HPE Aruba Networking Central restricts modification to the auto commit state at a device
level. When auto commit
state is enabled for a group, HPE Aruba Networking Central allows modification to the auto commit state at a device
level.
The auto commit at a group level is not applicable for MAS switches and gateways in the page. auto commit state is always enabled for MAS switches and gateways.
Viewing and Editing
To modify the auto commit state of devices within the group, when
for a group is enabled, complete the following steps:- Click under tile.
- Select a device name, click , and then click .
- Click in the dialog box.
To modify the auto commit state of devices within the group, when
for a group is disabled, complete the following steps:- Click under tile.
- Select a device name, click , and then click .
- Click in the dialog box.
When auto commit state for a group is disabled, the
link is disabled to restrict modifications to the auto commit state of the devices within the group. When auto commit state for a group is enabled, the link allows you to modify the auto commit state of the devices within the group.auto commit Workflow
To enable HPE Aruba Networking Central to commit configuration changes instantly, complete the following steps:
- In the WebUI, set the filter to a group that contains at least one AP and a switch.
The dashboard context for the selected group is displayed.
- Under
In HPE Aruba Networking Central, the auto commit workflow for a group can be implemented either from the switch configuration audit page or AP configuration audit page. Alternatively, you can navigate to > .
, click > . - Click the
The tabs to configure access points are displayed.
icon. - Click
The Configuration Audit details page is displayed.
, and click the tab. - Ensure that the for the group is set to .
- Based on configuration mode set for the devices in the group, use either the UI workflows or a configuration template to complete the configuration workflow and save the changes.
HPE Aruba Networking Central automatically commits the configuration changes to all devices where auto commit state is enabled.
- View the , if any.
HPE Aruba Networking Central does not support the two-staged configuration commit workflow for HPE Aruba Networking MAS switches and HPE Aruba Networking gateways.
The tenant accounts in the MSP Managed Service Provider. The Managed Service Provider (MSP) mode is a multi-tenant operational mode that Aruba Central accounts can be converted into, provided these accounts have subscribed to the Aruba Central app. deployments do not inherit the configured at the MSP level. The tenant account users can enable or disable state for the devices in their respective accounts.
Manual Commit Workflow
To build configuration and review it before committing the configuration changes, complete the following steps:
- In the WebUI, set the filter to a group that contains at least one AP and a switch.
The dashboard context for the selected group is displayed.
- Under
In HPE Aruba Networking Central, the manual commit workflow for a group can be implemented either from the switch configuration audit page or AP configuration audit page. Alternatively, you can navigate to > .
, click > . - Click the
The tabs to configure access points are displayed.
icon. - Click
The Configuration Audit details page is displayed.
, and click the tab. - Ensure that the for the group is set to .
- Based on configuration mode set for the device, use either the UI workflows or a configuration template to complete the configuration workflow and save the changes.
When you try to save the save changes, HPE Aruba Networking Central displays the following warning message.
When the auto commit state for a group is set to HPE Aruba Networking Central displays the following warning message when you try to save the changes.
, - View the , if any.
- Click to commits the configuration changes to all devices within the group.
Viewing Configuration Overrides and Errors
The
page allows you to view the configuration push errors, template synchronization errors, configuration sync, and device level configuration overrides. Some of notable status indicators available on the page includes:- —Provides details of the number of devices with configuration sync errors. To view the devices with configuration sync errors, click View Details. In the window, you can view configuration differences for each device within the group.
- IGMP Internet Group Management Protocol. Communications protocol used by hosts and adjacent routers on IP networks to establish multicast group memberships. are listed under a separate drop-down with the heading IGMP.
To preserve the overrides, click
. To remove the overrides, select the group name with local override, type in the text box and click .
—Provides details of the number of devices with local overrides. To view a complete list of overrides, click . In the window, you can view configuration differences for each device within the group. The overrides are grouped based on the features that are configured in the UI and are displayed as drop-down sections. For example, all overrides for - —Provides details of the number of devices with configuration conflict errors. To view a complete list of configuration conflicts, click . The window is displayed. To resolve the configuration conflicts, enable the check box against each conflict, and then click to remove the conflict.
- —Provides the details of the number of devices with template errors. To view a complete list of configuration template errors, click . The window is displayed. You can view a list of templates with errors.
- HPE Aruba Networking Central supports moving a device from one group to another. If the move operation fails, HPE Aruba Networking Central logs such instances as . —
Viewing Configuration Audit Status for Devices in a Template Group
When you select a template group from the filter, the
page displays the following information.
Data Pane Content |
Description |
|
Provides details of the number of devices with template errors for the selected template group. Devices deployed in the template group are provisioned using configuration templates. If there are errors in the templates or variable definitions, the configurations push to the devices fails. HPE Aruba Networking Central records such failed instances as template errors and displays these errors on the page. To view a complete list of errors, click . The window allows you to view and resolve the template errors issues if any. |
|
Provides details of the number of devices with configuration sync errors for the selected template group.
To view the configuration sync errors, click . The Configuration Sync Issues window is displayed with the following tabs:—Displays the configuration changes that are not synched with the switch. —Displays the running configuration on the switch.
To resolve the configuration sync errors, click HPE Aruba Networking Central will attempt to synchronize the configuration with the switch or access point again. Click in the confirmation window. To check whether the configuration was synchronized and pushed to the switch or access point, see the Audit Trail page. . |
|
Allows you to view and edit devices that are set to managed or monitored operation mode. —Click . The window is displayed and displays the list of devices operating in the managed mode. To change the device operation mode to be monitored, click . —Click . The window is displayed. To change the device operation mode to be managed, click . |
|
Allows you to create a backup of templates and variables applied to the devices in the template group. —Allows you to create a backup of templates and variables applied to the devices in the template group. |
|
The table provides the following device information for the selected group:—The name of the device. —The type of the device. —Device operation mode. —The status of the auto commit state for all the devices within the group. —Indicator showing configuration sync errors. —Indicator showing configuration template errors for the devices deployed in template groups. |
Viewing Configuration Audit Status for a Device in a Template Group
When you select a device that is provisioned in a template group, the
page displays the following information:Viewing Configuration Audit Status for Devices in a UI Group
When you select a UI group, the
page displays the following information:
Data Pane Content |
Description |
|
Displays the number of devices with configuration sync errors for the selected UI group.
To view the configuration sync errors, click . The Configuration Sync Issues window is displayed with the following tabs:—Displays the configuration changes that are not synched with the switch. —Displays the running configuration on the switch.
To resolve the configuration sync errors, click HPE Aruba Networking Central will attempt to synchronize the configuration with the switch or access point again. Click in the confirmation window. To check whether the configuration was synchronized and pushed to the switch or access point, see the Audit Trail page. |
|
Displays the number of devices with local overrides. To view a complete list of overrides, click .The window is displayed. The overrides are grouped based on the features that are configured in the UI and are displayed as drop-down sections. For example, all overrides for IGMP are listed under a separate drop-down with the heading IGMP.To preserve the overrides, click .To remove the overrides, select the group name with local override, type in the text box and then click . |
|
The table provides the following device information for the selected group:MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address of the device. ——The name of the device. —IP address of the device. —Name of the site to which the device is assigned. —The type of the device. —The status of the auto commit state for all the devices within the group. / —Indicator showing configuration sync errors. —Indicator showing configuration overrides for the devices deployed in the UI groups. The , , , and columns are available only for groups in which HPE Aruba Networking gateways are provisioned ( > > , click the icon. The gateway configuration page is displayed. Navigate to ). |
Viewing Configuration Audit Status for a Device in a UI Group
When you select a device assigned to a UI group, the
page displays the following information: