Hello and welcome back. My name is Tyler McMinn with Aruba, and this is our Aruba Cloud Basics video series part 2. We're taking a look at doing configuration with Aruba Central Cloud and some concepts and comparison of key technologies that we're able to configure. I want to start by saying that some of these slides are a bit dated and there's always changes being deployed. If you'd like to check the latest Aruba Central documentation, I made a quick Bitly link here to direct you to this site where it describes what Aruba Central is and then goes into some key features, supported documentation on it, and what's new. If you go to the different version that's available and just a deep dive into what you get with Central, and this is constantly being updated. This is a good place to start. Also check airheads, our community website with Aruba, that'll give you a bit more information. For now though, let's take a look at some broad concepts of what you can configure. This isn't a course on how to configure, although I will show you some practical examples, it's more of a takeaway for you to see how easy it is and what you can push out from the Cloud to this edge level at the access point at the switch and at the gateway level. Let's get started. Hi. Let's start with this concept of Aruba Central groups. A group, when you think of wireless, is an access point group, every vendor has this concept. It means that you can put dozens or hundreds or even thousands of access points into the same group and they would automatically inherit the same settings. If you have 50 access points to cover this building, and you want these three SSIDs to be broadcasted, you place those in a group called maybe, I don't know, main building and then those be the wireless LANs and their configuration. If you need to extend the same SSID employee to a different building, but you want to have some subtle changes other SSIDs may be added or removed, you can just simply copy the wireless LAN you need into a different group. If it's going to be exactly the same at multiple sites, then no problem, just extend the group to multiple sites. But like a home office might have the same SSID for employee. However, the forwarding might be slightly different and we might have added a new SSID for Internet. That would mean it's a different location, it should be a different group. Any IAPs added to the home office, are going to inherit those settings. Same thing with the switch. We have this concept of groups of switches that are going to be managed more through templates, and we'll dive into that as well. To create a group, you go into Aruba Central, and in the solo or customer account as part of an Organization tab, you'll find your new group option right here. You can just hit plus and create a new group. There's always the default group, which includes any devices that has not yet been assigned to a group so any new IAPs and switches, they're going to show up in the default, and then you just simply move them over to the group that you want. Unassigned devices will be listed here and the number of devices in this list of groups can be edited or the group itself can be removed, or you can add a removed devices there. For instance, IAPs, the virtual controllers listed, even though there might be on 99 other IAPs at that site, at that school, for example, you're just going to see the VC. To place the device in a group, simply click and drag the device into the group that you want. Pretty easy there or hit the little left arrow there. You can organize your locations by site. Sites are more for the actual physical location. You can use a site to select devices you want to monitor or manage so it's a filtering tool as well. The IAPs in Ottawa, the IAP and switches in Sunnyvale, the IAP and switches in Paris. That's fine. Groups are going to apply to the device. They're going to share a config. Instant access points and switches don't share the same config, they'd be separate groups, but they might be in the same site. Then if you look at sites and labels, you can go to organization, add those new site, or you can bulk upload a list of sites if you have them as a CSV file in Excel or something like that. These will include the name of the site at the address, civic address, cities, states, countries of code. Pretty much anything you want. You can simply drag these in as well. Now there's also this concept of labels. We'll see you in just a minute. They're creating a new site. Simply add one in if you want to go ahead and hit the little Add button there. You can choose in a drop-down what state and provinces. This stuff will auto-populate. The cool thing about sites as well in the Overview tab is you can actually see where they are in the world. If you put in a proper civic address, it'll appear in the Network Health map. Under Network Health you'll see red if there are some issues, green if there are no issues, and you can click and zoom in on these as well, even down to the street level. If red we have some issues, you can pop that open and see some insights as to the devices there. Now labels are going to be your own tagging or labeling method. This might be, for example, the building and floor number that you want to add a label there. A device can have multiple labels. They help you to determine ownership departments, maybe even the functionality. You can create other labels for additional devices or location types. If you want to get more granular, can see I labeled example to see all devices in a conference room, for example. We're going to use this specifically for filtering. It depends on the labeling you have, you might have these devices with IAP building floor 1, floor 2, although both part of building 1. We have a separate label for all of the devices, and then more narrow labels when we want to just get information about a particular floor, and then maybe an entire city label that applies to everyone. Conference rooms could cover just those IAPs across these as well, so a lot of flexibility here with a labeling. To create a label, global or whatever your organization is, Go down, and Add Label, and you can choose the devices that you want to drag and drop into a particular label to manage those if you'd like. With that in place, you can apply filtering. Under network house, for example, you've got this little says filter option. You can filter by group, by site, and of course by labels. This allows you to affect what you're monitoring, and what you're reporting on, what you're troubleshooting. It helps narrow the scope to just those devices that you are impacted by or that you're trying to troubleshoot for the actual configuration of the wireless. Let's start there, now remember, there are three device types that central managers from Aruba access points Aruba switches, and Aruba gateways. In this case, we're looking at the access points first. Under Network Health, apply your filtering if you'd like. If you select the group, then the configuration will apply to only that group. For example, if the group, IAP-group-south has three IAP clusters, just like the IAP-Group-South then central will push the change config to all three IAP clusters for being the 120 or less access points in that same VLAN. If we go under access points here, there is a configuration option in the upper right-hand corner. You select the group itself, select the Configuration Button, and now you're at the configuration window here. Wireless LANs access point, radios, interfaces, all these at the top, and you can hide some of the advanced stuff if you'd like. You can configure a wireless LAN for the IAP cluster. It'll deploy that like a guest network, or a voice network, as well as edit the radios, and then show advanced options there as well. Under the system tab, I can go in and see the devices themselves. Ids recommended that you set up your country code. Country code has now been set to start with, then that's usually what you would do, and then select the IAP county or country on the drop-down window. Here they're just setting it to the United States, and the default times that you want to use there, and wireless management for under our group, looking under system. Here we go. They've selected one of the IAPs, and they're just hitting the little pencil icon to edit that particular device, editing the country code. You can edit that IAPs name, and possibly IP Address if you'd like to. Then under the access point tab, you have a list of the IAPs associated to this group, and of course, this depends on what filtering that you're using. I like the wireless LAN wizard, this allows you to go in and create just a wireless LAN. If you wanna go ahead and create a new network, you can follow this wizard here and it'll walk you step, by step, to make sure that you're not missing anything that you're going to need, for this to work. The wizard walks you through with the name of the SSID that's been broadcasted. What VLAN on the wired side, you're going to drop the traffic into, are you doing external DHCP or internal, security-wise, are we doing enterprise pre-shared keys, captive portal gas, or just leaving it open, and then what firewall policy or authorization access do you want to allow users? Do you want to lock the internet permit, printers? What role firewall in policy do you want to push out? It will summarize that before you pull it. Very quick and easy on the wireless side, extremely easy to manage. When you look at the switch inside, they're doing a lot of work to improve on this as well, but there is this use of templates that have been available for a while now, where we've chosen a group for our switches or selected advice. On that device, on this 3810-switch, they're looking at interfaces, ports, or PoE, or your trunk gain, or spanning tree, a loop protect the lands, whatever, and importance themselves just a list of available ports, their status, and what their settings. If you need something that's a little more sophisticated, then we'll take a look at templates. If you'd like to stack your switches. this is a feature that was added at least fairly recently according to this. You can hit the plus to add in the first switch or the commander that's going to hold your configuration and then hit the second plus here to add additional members to that stack. A stack of switches is like a chassis, except they're not actually slotted into a chassis, they're just stand-alone switches, that are cabled with back plane switching. If there are 3810, or 20, and 30 AM, or front side. We've got virtual switch framework, VSF for onsite stacking. Either way, if they're stacked up, if there are cabled appropriately, you can add them into this commander and line card build. Once it's done, you'll have a stack of up to 10 switches depend on model number, but up to 10 switches that behave as if it's just the single switch. Very common deployment methods. Once this has finished, if you look at your switches here, you now have a 20930F stack. The type of stack BSF, the stack ID, how many members? Just one, lonely but okay, and you're good to go. Templates, as I mentioned, is a way you can get a lot more detailed in your configuration. You could add variables. There are some built-in variables here, but if I go to switch and config, you can use this to do some command-line based configuration parameters to multiple switches at the same time in the same group. These are auto switches. We're going to add a template to the group. Give the template a name, the device type, the model number, possibly the part number, which we'll apply, and then hit all four versions and a specific switch model for model. Again, you're going to dive into the class in a lot more detail in this. But at the end of the day, what this would do is if you import this template to the group is going to apply these CLI commands to your devices. This template can include some pretty cool configuration in here, some nice command lines. Little bit of programming when it comes to variables, but nothing bad not like Python. Here's a group with the VLAN 120 and they have untagged one through 10. We want to push that out to multiple switches through the use of a template. You can do a variable like the hostname. While the VLAN should be the same on both switches, the hostname should be unique. They use this variable statement here with percentage size to indicate the beginning and end of what the variable is. In this case, sys_hostname. You can have a unique hostname per switch. This variable file within setup for Switch 1, the hostname is DF1-1. For Switch 2, the hostname will be the DF2-2. There you go and we push that out for you. This is what it would look like with several other variables and you can do if this exists, then do this type of statements. Yeah, it gets a little into it. But with a little bit of practice, you can apply these variables, these conditionals, and then standard configuration that's going to be shared across everybody. You can download a sample variable file to get an idea of variables and play around with them. If you have an all-configured variable file, you can download this file and just apply it. You can also make changes in the editor. But if you have several switches, this could take a little bit of time. You can download the sample file in the JSON or even a CSV format. JSON shows the file in JSON format and CSV shows the variables in the different columns that you have here if it's CSV. If you pull a JSON file, this is a CSV example. Here's where you can just edit the CSV file. It's just comma-separated values. Here's the variable at the top of the header, and then the different switches and what their unique values would be. These are standard variables. Maybe you had a custom one to have different VLANs on different switches. You can do that as well. JSON format, you had this key-value format. I think I mentioned this in one of our previous videos. But JSON is in the Python section. But yeah, it's not horrible. If you want to make modifications to a template file and navigate to the switch group and template here. Then, unlike UI groups, template groups have minimal UI options and use CLI commands to provision a device. This is something that I know they've done a lot of work on. You might want to check what the updates are to make this a little bit easier. But in the old days, you would hit the little pencil icon here and then import the configuration file. This is the little edit template modification walkthrough that we use, for you to be able to pull this template file in. Central managed devices, they're going to receive their configuration when you go to push this template out. Occasionally, what will happen is you'll get some failed to apply changes. This is where you want to go back and troubleshoot why a particular template didn't apply. You can look at config differences. This is neat. To view config, click on the Switch. Here's a log of the issue and there may appear to be various issues, but in fact, this is a history of failure. When you review the information, note the timeline that's edited here and it'll give you the line where there's an issue. Module command missing for the port or invalid port numbers. Maybe you are trying to apply a config deport 48 and you only have 24 ports on your switch, that would be cause for concern. I think this is a good place to pause. That was a quick overview of the configuration part. When we come back in the next video, we're going to dive into monitoring and actually looking at your devices now that we know how to add them, now that we know how to configure them, we want to be able to troubleshoot and monitor the status of our devices. Thank you very much for your time. I'll see you guys back in the next video.
