Installing and Setting Up Aruba Central On-Premises

Aruba Central On-Premises combines industry-leading functionality with an intuitive user interface for easy monitoring and management of your wired and wireless networks. Aruba Central On-Premises supports a single-node cluster with up to 2000 devices. It also scales to three- to five-node clusters with up to 8,000 to 16,000 devices, or a seven-node cluster with up to 25,000 devices. Aruba Central On-Premises supports Aruba Remote APs, Instant APs, Campus APs, controllers, and switches.

This document helps you plan for and complete the installation of Aruba Central On-Premises on a physical appliance, or your multi-node Aruba Central On-Premises clusters.

Before You Begin

The following information will help you configure the Aruba Central On-Premises servers and prepare your deployment.

IMPORTANT CONSIDERATIONS

Have the details below ready before setting up Aruba Central On-Premises, and ensure that they are correct and reachable.

Any mistyped or incorrect details in the Network Settings cannot be reverted. The only option is to reinstall Aruba Central On-Premises.

Multiple FQDNs

As part of the HPE GreenLake updates, Aruba Central On-Premises now requires multiple FQDNs to be configured for the Aruba Central On-Premises cluster.

The FQDNs created must resolve to the same cluster IP address (VIP). The new FQDNs should be in the format mentioned below:

  • <cluster_fqdn>
  • central-<cluster_fqdn>
  • apigw-<cluster_fqdn>
  • ccs-user-api-<cluster_fqdn>
  • sso-<cluster_fqdn>

The following table provides details of the multiple FQDNs and their consumer names that are configured for Aruba Central On-Premises cluster.

Table 1: Multiple FQDNs

FQDN | Consumer
cop-deployment.companyx.com | Central-UI home page access from the browser
central-cop-deployment.companyx.com | Central-UI NMS page access from the browser
apigw-cop-deployment.companyx.com | Central NBAPI access from the customer application
ccs-user-api-cop-deployment.companyx.com | Central-UI API access
sso-cop-deployment.companyx.com | Central-UI authentication page access

Ensure that both the primary and secondary DNS servers configured on Aruba Central On-Premises resolve the following FQDNs:

  • central-<FQDN>
  • sso-<FQDN>
  • apigw-<FQDN>
  • ccs-user-api-<FQDN>

Additionally, the DNS servers must also resolve the public and private DNS namespaces required by the organization.
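Because incorrect network settings can only be fixed by reinstalling, it is worth checking the records before setup. The following pre-flight check is an added example, not part of the Aruba documentation or tooling: it queries each DNS server separately with dig and confirms that all five names resolve to the cluster VIP only. The IP addresses and the sample zone data are constructed, and the function names are hypothetical.

```python
import ipaddress
import subprocess

# Prefixes from the "Multiple FQDNs" list; "" is the cluster FQDN itself.
PREFIXES = ("", "central-", "apigw-", "ccs-user-api-", "sso-")

def required_fqdns(cluster_fqdn):
    return [prefix + cluster_fqdn for prefix in PREFIXES]

def dig_a(name, server):
    """Ask one specific DNS server for the A records of name, using dig."""
    out = subprocess.run(
        ["dig", "+short", "+time=3", "+tries=1", "@" + server, name, "A"],
        capture_output=True, text=True, check=False).stdout
    answers = set()
    for line in out.splitlines():
        try:  # +short also prints CNAME targets; keep only IPv4 literals
            answers.add(str(ipaddress.IPv4Address(line.strip())))
        except ValueError:
            pass
    return answers

def preflight(cluster_fqdn, vip, dns_servers, resolve=dig_a):
    """Return (server, fqdn, problem) tuples; an empty list means pass."""
    problems = []
    for server in dns_servers:
        for fqdn in required_fqdns(cluster_fqdn):
            answers = resolve(fqdn, server)
            if not answers:
                problems.append((server, fqdn, "no A record"))
            elif answers != {vip}:
                problems.append((server, fqdn, "resolves to %s, expected %s"
                                 % (sorted(answers), vip)))
    return problems

# Constructed sample: the primary is complete, the secondary has one stale
# record (apigw-) and one missing record (sso-).
_NAMES = required_fqdns("cop-deployment.companyx.com")
SAMPLE_ZONES = {
    "192.0.2.53": {n: {"192.0.2.10"} for n in _NAMES},
    "192.0.2.54": {n: {"192.0.2.10"} for n in _NAMES[:-1]},
}
SAMPLE_ZONES["192.0.2.54"][_NAMES[2]] = {"192.0.2.99"}

def sample_resolve(name, server):
    return SAMPLE_ZONES.get(server, {}).get(name, set())

if __name__ == "__main__":
    for problem in preflight("cop-deployment.companyx.com", "192.0.2.10",
                             ["192.0.2.53", "192.0.2.54"], sample_resolve):
        print(problem)
```

Drop the `resolve` argument to query real servers through dig; the check passes only when every name returns exactly the VIP from both the primary and the secondary server.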

Points to Remember

To complete the Aruba Central On-Premises setup, ensure that the following prerequisites are met:

Server Hardware Details

Aruba Central On-Premises can be installed on an Aruba Central-ready AirWave appliance and an Aruba Central-ready Central appliance. The server is an HP DL360 Gen 10 server with 40 physical cores, 512 GB RAM, 3.4 TB disk space, and 10 Gbps minimum network interface speed.

Supported Ports

Configure the appropriate ports. The following table lists the supported ports:

Table 2: Domain Names and Ports for Aruba Central

Protocol and port | Domain Names and Purpose

Inbound Ports Traffic

TCP 443 | To access and manage Aruba Central On-Premises.
        | For HTTPS and web-socket between Aruba Central On-Premises and devices.
UDP 8211 | To receive AMON messages and view data for controllers in the Aruba Central On-Premises monitoring dashboard.
TCP 22 | For management access through SSH and cluster setup.
       | For CLI between Aruba Central On-Premises and devices.
       | To access and manage Aruba Central On-Premises.
TCP 80 | For browser redirect from HTTP to HTTPS.
TCP 2379, 2380, 4433, 6433, and 10250 | For communication between Aruba Central On-Premises nodes in a cluster.
TCP 4343 | To access the setup-wizard installation.
         | NOTE: The Aruba Central On-Premises setup-wizard is shut down and port 4343 is closed 2 hours after the COP setup is completed successfully. The time span of 2 hours is provided so that the user can inspect the status of the Aruba Central On-Premises setup-cluster.
TCP 30633 | To allow the devices to set up a connection with the OpenFlow controller.
TCP 8888 | For HTTP-based firmware image download for CX and PVOS switches.

Outbound Ports Traffic

TCP 25, 465, or 587 | Dependent on the SMTP configuration for alerts, reports, and Aruba Central On-Premises account registration.
UDP 123 | To access ntp.ubuntu.com.
        | NOTE: This is the default destination. Users can reconfigure this port.
UDP 161, 162 | For SNMP and traps.
UDP 514 | For Syslog.
TCP 4343 | For device bootstrap to controllers.
TCP 22 | To access nexus2.airwave.com to support connection.
TCP 443 | To access coreupdate.central.arubanetworks.com and allow Aruba Central On-Premises to check firmware versions for automatic upgrades.
        | To access images from the following registries: quay.io, docker.io, docker.com, docker.elastic.co.
        | NOTE: Quay.io traffic can originate from multiple IP ranges; refer to the article to allow traffic from Quay nodes.
        | NOTE: Aruba Central On-Premises downloads packages from private allow-listed repositories and uses signed packages for images.
        | To access maps.googleapis.com to translate addresses.
        | To access api.mapbox.com to view maps from user's browser.
        | To access d1c50u1zbkqmph.cloudfront.net for CDN from user's browser.
        | To access https://enterpriselicense.hpe.com for licensing.
        | To access help.arubanetworks.com for documentation from user's browser.

The outbound traffic can be initiated from any node of the Aruba Central On-Premises cluster. Hence, the outbound traffic from all nodes of the Aruba Central On-Premises cluster should be allow-listed in the firewall.

The default protocol for sending Syslog messages is UDP with a default port of 514. However, the user can choose any port for communication.
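A proposed inbound firewall rule set can be reviewed against the inbound half of Table 2 before it is deployed. The following reviewer is an added example, not Aruba tooling: the rule tuple format, the function name and the sample addresses are hypothetical, and treating the inter-node ports as reachable only from cluster nodes is this example's least-privilege assumption, based on the purpose column.

```python
import ipaddress

# Inbound ports from Table 2. Splitting them into service, cluster (node to
# node) and setup (temporary wizard port) groups is this example's assumption.
SERVICE = {("tcp", 443), ("udp", 8211), ("tcp", 22), ("tcp", 80),
           ("tcp", 30633), ("tcp", 8888)}
CLUSTER = {("tcp", p) for p in (2379, 2380, 4433, 6433, 10250)}
SETUP = {("tcp", 4343)}

def review_inbound(rules, node_cidrs):
    """Check proposed inbound allow rules against Table 2.

    rules: iterable of (source_cidr, protocol, port) tuples.
    node_cidrs: addresses or subnets of the cluster nodes.
    Returns (rule, finding) pairs; an empty list means no findings.
    """
    nodes = [ipaddress.ip_network(c) for c in node_cidrs]
    findings = []
    for rule in rules:
        src, proto, port = rule
        key = (proto.lower(), int(port))
        net = ipaddress.ip_network(src)
        if key in CLUSTER:
            # Inter-node ports: the source must sit inside a node range.
            inside = any(net.version == n.version and net.subnet_of(n)
                         for n in nodes)
            if not inside:
                findings.append((rule, "inter-node port open to non-node source"))
        elif key in SETUP:
            findings.append((rule, "setup-wizard port: closes 2 hours after "
                                   "setup, remove rule afterwards"))
        elif key not in SERVICE:
            findings.append((rule, "port not listed as inbound in Table 2"))
    return findings

# Constructed sample rule set (documentation address ranges).
SAMPLE_NODES = ["192.0.2.11/32", "192.0.2.12/32", "192.0.2.13/32"]
SAMPLE_RULES = [
    ("198.51.100.0/24", "tcp", 443),   # management subnet to the UI
    ("192.0.2.12/32", "tcp", 2379),    # node to node
    ("0.0.0.0/0", "tcp", 10250),       # inter-node port open to everyone
    ("198.51.100.0/24", "tcp", 4343),  # setup wizard
    ("198.51.100.0/24", "tcp", 8080),  # not in Table 2
]

if __name__ == "__main__":
    for rule, finding in review_inbound(SAMPLE_RULES, SAMPLE_NODES):
        print(rule, "->", finding)
```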

Connections to the Server

Connect the following cables to the correct ports based on the figure below:

To view all the supported SFP modules, see Supported SFP Modules.

Once the server is powered on and the cables are connected to iLO and SFP+, reboot the server. The monitor displays the iLO IP address that is assigned by the user via DHCP or static IP.

It is recommended to upgrade all the Aruba Central On-Premises nodes to 512 GB for optimum performance. Starting from this release, 256 GB RAM is not supported.

Installing and Setting Up Central Appliance

For an Aruba Central-ready AirWave appliance, perform all the steps mentioned in this section.

For a Central-ready Central appliance, perform the steps from Step 3 onward.

During the installation and setup process, the administrator account on the iLO logs out and a new Aruba Central On-Premises iLO user account is created. The BIOS password is secured as an internal hash.

Step 1: Perform the ISO Installation

To perform ISO installation, see COP Installation.

Ensure that the server is configured to RAID 0.

Step 2: Perform the Aruba Central On-Premises Installation

To perform Aruba Central On-Premises installation, see COP Installation.

Step 3: Configure iLO IP Address

Before running the network setup for the cluster, perform the following steps to configure the iLO IP address:

  1. Log in to Aruba Central On-Premises with copadmin and the serial number.
  2. In the main menu of the CLI, perform the following:
    1. Enter 5 to select the Advanced option and go to the next menu item.
    2. Enter 3 to select the Configure ILO IP option.
  3. When prompted, enter the following network settings:
    • IP address
    • Subnet mask
    • Gateway IP address
    • DNS server IP address
    • Secondary DNS server address (optional)
  • To log in to the iLO web interface, enter copilo + <server serial number>.
  • To log in to the iLO console, enter copadmin + <server serial number>.

Step 4: Setting up the Permanent Network

The procedure to set up the permanent network applies to both Central-ready AirWave appliance and Central-ready Central appliance models, and is mandatory on all the nodes that are part of the Aruba Central On-Premises cluster. For more information, see Aruba Central On-Premises Installation Guide-Technotes.

The Central-ready Central appliance is pre-installed with Aruba Central On-Premises. Hence, you only need to set up the server or the cluster. For more information, see Aruba Central On-Premises Installation Guide-Technotes.

Step 5: Run the Network Setup from the CLI

  1. Log in to Aruba Central On-Premises CLI through a serial console.
  2. At the prompt, log in to the server using the following credentials:
    • user name = copadmin
    • password = <chassis serial number of the iLO>
  3. Any mistyped or incorrect details in the Network Settings cannot be reverted. The only option is to reinstall.

Step 6: Configure the Aruba Central On-Premises server

  1. At the prompt, perform the following actions:
    1. Enter 6 to select the System Configuration option and go to the next menu item.
    2. Enter 2 to select the Network Settings option and go to the next menu item.
    3. Enter 1 to select the Permanent Network settings option and go to the next menu item.
  2. When prompted, enter the following network settings:
    • Network Interface
    • Server IP address
    • Subnet mask
    • Gateway IP address
    • DNS server IP address
    • Secondary DNS server address (optional)

    The following SFP+ network interfaces are supported:

    • Select only one network interface to configure the server.
    • Perform the above mentioned steps for all the nodes, if you are setting up a multiple node cluster.
  3. Enter the host name or FQDN of the Aruba Central On-Premises server (for example, *company.com).

Step 7: Configure the Cluster

During Aruba Central On-Premises software installation, you can set up the cluster and configure the user credentials and the SMTP server.

The following steps explain the process to configure a cluster:

  1. Configuring NTP Servers—Set up NTP servers for the cluster.
  2. Central Configuration—Specify the cluster VIP, CLI user setup, user credentials for GUI, cluster private network, and proxy server setup.
  3. Additional Setup for SMTP—Set up SMTP servers.