Aruba AP Authentication

Campus AP Authentication - Provision AP for EAP-TLS

Reading Time: 19 minutes Most organizations are moving to a network where all ports are authenticated. This could lead to problems when we try to connect an AP to a network port as AP authentication is more than just an accept. There are two types of AP that might be considered. First, the Campus AP, which needs to connect … Read more Aruba AP Authentication

DHCP Vendor Class Identifier – DHCP Option 60

Reading Time: 4 minutes In several meetings I get the question, how can I sent different DHCP options to different devices. The answer is to use the DHCP Vendor Class Identifier, DHCP option 60. Every device sends this option to the DHCP Server, and each DHCP Server can answer with specific options, depending on the option 60. I will … Read more DHCP Vendor Class Identifier – DHCP Option 60

How to Protect from Spanning Tree and Loops in the Access Area

Reading Time: 8 minutes With modern architectures and campus designs, you do not need spanning tree anymore. But how could you protect from spanning tree BPDU’s and loops in the access area, e.g. from external devices? The classical scenario is the cleaner, putting the free cable into the switch because it is in his way. ArubaOS switches have some … Read more How to Protect from Spanning Tree and Loops in the Access Area

Operator Login with Radius Authentication and Authorization

Reading Time: 4 minutes This time is all about radius based operator login, as some devices might not support TACACS+. The post describes the operator login with radius authentication and command authorization. This post covers only the ArubaOS devices which do not support TACACS+ command authorization. Operator Login with Radius on ArubaOS Switches For those ArubaOS switches, which do … Read more Operator Login with Radius Authentication and Authorization

Operator Command Authorization and Accounting with ClearPass TACACS+

Reading Time: 4 minutes This is the second post on the TACACS+ topic. This time the post is all about TACACS+ operator command authorization and accounting. This is very helpful for logging who does what at which time and makes troubleshooting easier. Operator command authorization and accounting means, that all commands issued at the device, are sent to the … Read more Operator Command Authorization and Accounting with ClearPass TACACS+

Operator Login with ClearPass TACACS+

Reading Time: 10 minutes This post is all about operator login with ClearPass. I show the implementation of authenticating a network operator to Aruba Switches, Comware based switches, Aruba Controller and AirWave. For some devices, I will show the process with TACACS+. For those, which do not support TACACS+, I use radius authentication, which I describe in a later … Read more Operator Login with ClearPass TACACS+

How Aruba Central Provisioning Works

Reading Time: 5 minutes This time I will demonstrate the Aruba central provisioning process, to zero touch deploy switches and Aruba Instant AP’s. The process is using Aruba Activate as well. But let’s start at the beginning. What is Aruba Central Aruba Central is the cloud-based management solution from HPE Aruba. In the past, Aruba Central was used to manage … Read more How Aruba Central Provisioning Works

Traffic Capture with VMWare ESXi

Reading Time: 5 minutes My plan is to blog more about solutions and how to configure them and show how the packets look like. As I haven’t plenty of hardware I will use VMWare ESXi to simulate most of the stuff using HPE VSR routers. Therefore I was looking for a way to capture traffic of a specific VM … Read more Traffic Capture with VMWare ESXi

IRF MAD Detection

Reading Time: 5 minutes This post is about the IRF MAD detection methods, used with in HPN Comware based switches.  The purpose of IRF MAD is to prevent the split-brain scenario. If a split-brain occur, an IRF stack is broken, because of an link failure of one or more IRF links, or one or more IRF member switches experience … Read more IRF MAD Detection

New HP 5700 Switch Announced

HP 5700

Reading Time: < 1 minute HP announced the new HP 5700 switch as the new data center access switch. The switch supports IRF and is SDN ready. You can find the announcement here: http://h17007.www1.hp.com/us/en/networking/whats-new.aspx#.U_NThvmvX55 The switch is available in three different models: HP 5700-40XG-2QSFP+ Switch (JG896A) HP 5700-48XG-4XG-2QSFP+ Switch (JG894A) HP 5700-32XGT-8XG-2QSFP+ Switch (JG898A) For further details have a look at the … Read more New HP 5700 Switch Announced

%d bloggers like this: