Lab 15: Aruba IAP – Template Configuration
(2 IAP clusters)
In this lab you will modify the template and push the configuration down to the IAP
network. We will also add in a second IAP cluster.
LAB 15.1 AirWave Performance
We need to increase the number of processes. The default values are not sufficient to
handle multiple IAP clusters.
Configure AMP setup.
1) Open a browser page and logon to your AMP with the user name: admin;;
password admin.
2) In the sidebar menu expand AMP Setup.
3) Scroll down and expand the Performance tab and make the following changes:
a. Monitoring Processes: 4
b. Maximum number of configuration processes: 8
c. Maximum number of audit processes: 4
4) Click on Save
Proceed to Lab 15.2
Lab 15 – IAP Templates Page 1 of 13
CONFIDENTIAL © Copyright 2016. Aruba Networks, Inc. All rights reserved.
�
LAB 15.2 AirWave IAP Management
We will now configure the IAP cluster using the template.
Configure your IAP.
1) Open a browser to the AMP and login with the user name: admin;; password
admin.
2) In the sidebar menu expand Groups
3) Click on the IAP group BranchOffice. This will take you to the groups monitor
page.
4) Click on Templates in the sub menu bar and answer these questions:
a. What is the name of the VC template? __________________________
b. For what type of device? ______________________
c. What was the Fetch date? _____________________
5) Click the pencil beside the VC template name.
Note: You have more then one template. Choose the one for “Aruba Instant
Virtual Controller” under DEVICE TYPE.
6) In the Template text field find the below configuration lines and add your name as
shown by <your name>.
Note: the 200-1 will depend on your IAP POD and table number.
wlan access-rule employee200-1<your name>
rule any any match any any any deny
wlan ssid-profile employee200-1<your name>
enable
type employee
essid employee200-1<your name>
Note: You are changing the SSID on the IAP, be sure to make all three changes.
The ESSID name references the other profile with the same name.
Lab 15 – IAP Templates Page 2 of 13
CONFIDENTIAL © Copyright 2016. Aruba Networks, Inc. All rights reserved.
�
7) Click on Save and then Save and Apply.
8) Look at the changes to be applied and you should see at the bottom what will be
removed ________________and what will be replaced__________________
9) Click on Apply Changes Now
1) Open a browser page to your IAP VC1 and make sure the changes have been
applied
2) In AirWave check the status of the VC and make sure the configuration is in a
GOOD state.
Proceed to Lab 15.3
Lab 15 – IAP Templates Page 3 of 13
CONFIDENTIAL © Copyright 2016. Aruba Networks, Inc. All rights reserved.
�
LAB 15.3 AirWave IAP Management
We want the same SSID on all the IAP networks in this group, but every IAP
network is in its own subnet and we have different VLANs for this. We will modify
the template so we can specify the VLAN for each individual IAP network in this
group.
We will use the AirWave supplied custom_variable_2 for this purpose.
1) In the sidebar menu expand APs/Devices
2) In the Go to Folder: select <yourname-IAP>
3) Click on the IAP group BranchOffice. This will take you to the groups monitor
page.
4) From the devices listed click on the IAP VC device name. This will take you to
the monitor page for this IAP VC.
5) Click on the sub Menu Manage tab.
Now we will change the VC’s name using a pre-defined variable.
1) Under the setting section change the name of your IAP VC to be IAP-VC-1-(your
name)
For the VLAN we decided on custom variable 2
2) Scroll down and in the Template Options and find custom_variable_2
3) In the space provided put in 99 for the custom variable 2 field.
4) At the bottom click on Save and Apply
5) Click on Apply Changes Now
Note-1: you are on the managed page for a specific IAP network in this group
therefore this variable setting of 99 will only be applied to this IAP networks VC1.
You would need to go the manage page of each IAP VC in this group and specify
the VLAN for each IAP network. In this lab you only have one IAP, so there is no
need to go to any other manage page.
Lab 15 – IAP Templates Page 4 of 13
CONFIDENTIAL © Copyright 2016. Aruba Networks, Inc. All rights reserved.
�
Note 2: the pre-defined variable name has been pushed down to the IAP network
but the custom variable needs to be set in the template file
Proceed to Lab 15.4
Lab 15 – IAP Templates Page 5 of 13
CONFIDENTIAL © Copyright 2016. Aruba Networks, Inc. All rights reserved.
�
LAB 15.4 AirWave IAP Template Modification
We will now modify the template to use the custom variable and download this to
the IAP networks
1) In the sidebar menu expand Groups
2) Click on the IAP group BranchOffice. This will take you to the groups monitor
page.
3) Click on Templates in the sub menu.
4) Click the pencil beside the VC template name.
5) In the template file scroll down until you find the WLAN configuration and the
VLAN setting:
wlan ssid-profile employee200-10-Leo
enable
type employee
essid employee200-10-Leo Note VLAN number will vary
opmode wpa2-aes depending on your table
max-authentication-failures 0 number
vlan X1
auth-server Radius01
rf-band all
6) Here we will replace the VLAN number with %custom_variable_2% (the
variable we have selected for VLAN#).
This must be an exact match to the variable name, don't make a typo here
E.g.: vlan %custom_variable_2%
7) At the bottom Click on Save and then Save and Apply.
8) Look at the changes to be applied and you should see at the bottom. What will
be removed ________________and what will be Added__________________
9) Click on Apply Changes Now
Let’s check our changes on the IAP VC1
1) Open a browser page to your IAP
2) What is the name of the IAP VC? _______________
Lab 15 – IAP Templates Page 6 of 13
CONFIDENTIAL © Copyright 2016. Aruba Networks, Inc. All rights reserved.
�
3) On the IAP browser page click Support (top right hand of your screen.)
4) From the command drop down menu select AP ESSID Table.
5) Click on Run and answer these questions
a. What is the Name of the ESSID? _________
b. Which VLAN will the users get their IP assignment? ___________
c. Close this window
6) In the AirWave, check the status of the VC and make sure the configuration is in
a GOOD state
Proceed to Lab 15.5
Lab 15 – IAP Templates Page 7 of 13
CONFIDENTIAL © Copyright 2016. Aruba Networks, Inc. All rights reserved.
�
LAB 15.5 Adding a Second IAP Cluster
We will now add in a second IAP cluster as if it was a new installation.
You have the second cluster IAP VC2. We will wipe out the configuration of this cluster
and use this IAP cluster to simulate a newly installed cluster.
1. Open a terminal application (like putty, or HyperTerminal) and gain access to the
IAP console port of the IAP. Telnet to 172.16.P.10X where P is your new cluster’s
POD# and X is the table#.
2. Login with admin / admin
3. Type reload and Y to confirm
4. Stop the autoboot by hitting enter at the appropriate time.
. . .
Net: eth0, eth1
Radio: bcm43460#0, bcm43460#1 Hit enter here
Hit <Enter> to stop autoboot: 2
apboot>
Note: If you missed the stop autoboot, then go back to step two and start over.
5. From the apboot prompt type in factory_reset and click enter. Once the reset is
done then enter command boot, and wait for this IAP to reload.
Now we will configure what is needed for this class.:
6. Login with admin / admin and enter the following commands:
config t
virtual-controller-ip 10.201.X0.100
(Note: X is the Table number)
exit
wr mem
commit apply
7. Once reloaded, open a browser page and go to the IP address of your new IAP at
IP address 10.P.X0.2 or 10.P.X0.100. The P is the POD# of cluster 2 (VC-2) and
X is your table number.
8. Login with admin / admin
Lab 15 – IAP Templates Page 8 of 13
CONFIDENTIAL © Copyright 2016. Aruba Networks, Inc. All rights reserved.
�
9. You may be presented with a FREE 90-day cloud management message. We
will not accept this generous offer so simply close this pop up window.
NOTE: If your IAP is a ROW then you would get a pop up window asking for your
country code. Your IAPs should be pre-set for the USA. If not then select your
country code.
Configure the VC name and AirWave setup
1) Click on the System link on the top right hand side of the display
2) Set the Name to IAP-VC-2-(your name)
3) Click on the Admin tab and in the AirWave section enter the following
information:
a. Organization: BranchOffice:CA:(yourname)IAP2
i. NOTE: This must match exactly the organization that you set for
VC-1.
b. AirWave IP: (your AirWave IP address)
c. No Backup AirWave
d. Shared Key: aruba123
NOTE: this is the same Key you used for VC-1
e. Retype shared Key: aruba123
4) Click on OK
Proceed to Lab 15.6
Lab 15 – IAP Templates Page 9 of 13
CONFIDENTIAL © Copyright 2016. Aruba Networks, Inc. All rights reserved.
�
LAB 15.6 Verify the Second IAP Cluster
We will now go to AirWave and see the new IAP cluster
1) Log into the AirWave with the user name: admin;; password admin.
2) In the sidebar menu expand APs/Devices and select List submenu
3) In the drop down menu for Go to folder select (your name)IAP2
Note: you may have to wait a few minutes for the new cluster to go from down status to
an UP status. Once UP the configuration will be synced and verified.
4) What is the configuration state of the new IAP-VC-2-(your name)?: ______________
This mismatched is because there are some variables that have not been
configured. These variables are needed for the configuration sent down to IAP-VC-
2-(your name).
Let’s identify the missing variables
1) In the device list click on the IAP-VC-2-(your name) Mismatched or Error
configuration status.
2) Scroll the template file and look for Actual and Desired.
3) Can you determine which two variables are missing?
a. 1st Variable: ______________
b. 2nd Variable: _______________
Now if you concluded the Radius variable and the VLAN variable, you are correct. The
Radius Variable is a standard variable that must be set for all new clusters. The VLAN
variable was %custome_variable_2% that we set up in a previous lab.
We now need to set the variable for IAP-VC-2-(your name)
1) We can fix this by clicking the on the Manage sub menu
2) In the settings field you will see the Radius attribute is blank. Type in 10.254.1.21
3) In the Template options section there is custom_variable_2 and it is blank. Type in
the number 98. This represents the VLAN number.
4) At the bottom of the screen click on Save and Apply followed by Apply Changes
Now.
Lab 15 – IAP Templates Page 10 of 13
CONFIDENTIAL © Copyright 2016. Aruba Networks, Inc. All rights reserved.
�
5) In the sidebar menu expand APs/Devices and click List then select (your name)
IAP2 in Go to folder.
6) What is the configuration state of IPA-VC-2_(your name) state? __________
Note: you may need to wait a few minutes.
Let’s check the configuration on VC-1
1) Login to the GUI of IAP-VC-1_(your name), at 10.P.x0.100 with admin/admin (P is
the POD# for VC1 and X is the table number of VC-1).
2) Under Network click on the WLAN employeePX
3) Look below in the info box. What is the value of the VLAN?:________
Let’s check the configuration on VC-2
1) Login to the GUI of IAP-VC-2_(your name), at 10.P.x0.100 with admin/admin (P is
the POD# for VC2 and X is the table number of VC-2)
2) Under Network click on the WLAN employeePX.
3) Look below in the info box. What is the value of the VLAN?:________
Conclusion
Both clusters are advertising the same SSID. Associating to the SSID on cluster VC-1
will put the clients in VLAN 99. Whereas associating to the same SSID on cluster VC-2
would put the clients in VLAN 98.
Proceed to LAB 15.7
Lab 15 – IAP Templates Page 11 of 13
CONFIDENTIAL © Copyright 2016. Aruba Networks, Inc. All rights reserved.
�
LAB 15.7 Multiple Updates
It would be a bit of a pain if you had to go to several IAP VC’s managed pages to make
a change. So for multiple changes we can use the Virtual Controller variable and
make several updates at the same time.
1) Go to your AirWave server
2) In the sidebar menu expand on Groups
3) Click on the IAP group BranchOffice. This will take you to the groups monitor page.
4) Scroll down to Modify Devices and click on the pencil
5) Select the two IAP VCs by clicking on their boxes.
6) From the drop down menu that says “Change device Group/Folder” select “Aruba
Instant Virtual Controller Variables”
7) Then click on the Update button that has appeared
A new window will appear with both your IAPs.
8) Select the two VC network by clicking in the boxes.
9) Change the hostname and remove (your name) so you should have IAP-VC-1 and
IAP-VC-2
10) Change the custom Variable 2 from 99 and 98 to X1 where X is your table
number of each VC
E.g: Table 1 would be 11….. Table 5 would be 51…table 12 would be 121.
11) Click on Save note the changes then Apply Changes Now.
12) In AirWave, make sure the IAP devices are UP and configuration is Good
Let’s check the configuration on VC-1
1) Login to the GUI of IAP-VC-1, at 10.P.x0.100 with admin/admin (P is the POD
number of VC-1X is the table number).
2) What is the VC name? ______________
Lab 15 – IAP Templates Page 12 of 13
CONFIDENTIAL © Copyright 2016. Aruba Networks, Inc. All rights reserved.
�
3) Click on the Network bar to expand it
4) For the WLAN employeePX<yourn name>
5) What it the IP Assignment value?________
Let’s check the configuration on VC-2
5) Login to the GUI of IAP-VC-2_(your name), at 10.P.x0.100 with admin/admin (P is
the Pod number of VC-2 and X is the table number)
6) What is the VC name?______________
7) Click on the Network bar to expand it
8) For the WLAN employeePX<yourn name>
9) What it the IP Assignment value?________
You have completed LAB 15
Lab 15 – IAP Templates Page 13 of 13
CONFIDENTIAL © Copyright 2016. Aruba Networks, Inc. All rights reserved.
