Aruba Central/Virtual Controller Configurations

I recently encountered an odd issue while deploying an Aruba wireless solution to a client. The project started out normal enough. I acquired 6 Aruba IAP devices and staged them in our server room. After creating the client “Group” in Aruba Central, I added the licensing and product serial numbers. Once the Group was up and running, I powered on all 6 IAPs and confirmed they checked into the portal successfully. I went through the normal checklist of configuration, changing device names, IP addresses, along with setting up the “system” information tab. Pretty normal for Aruba controller configurations thus far.

I then moved on to configuring the SSIDs. I set up 3 separate SSIDs, with appropriate security, on 3 separate VLANs. I copied the SSID information from the previous wireless configuration at this client location to minimize client reconnection issues. I also added the DHCP relay servers as needed. Once created, I could see the 3 SSIDs being broadcast in our staging lab. So no issues with the connections.

On the day of installation, I packed up all APs and arrived at the client. I deployed the APs in their locations and confirmed they all checked into the Aruba Central portal one by one. Device IPs were statically set, and away we go, or so I thought. Aruba Central seemed to be missing all of my configurations from when I was staging the APs. SSID and VLAN information had now disappeared. I chalked it up to bad luck and quickly re-created the configuration. Testing on all SSIDs was successful, as well as building coverage. I thought I could close the project out at that point.

A few days later, I was told by an employee that there were a few people who were able to connect to the WiFi, but unable to access the internet. I was supplied with a screenshot of the Windows 10 “available networks,” but it was showing two networks that were not configured in Aruba Central. I immediately thought of a possible rogue device but decided to dig a bit deeper. I logged into the Aruba local Virtual Controller, and what I found was that the VC configuration did not match the Aruba Central portal configuration at all. I contacted Aruba support, and they steered me in the right direction.

The Aruba Controller Fix

There are two layers in Aruba that you can make configuration changes. In Aruba Central, you can apply settings to the Group. This is the default view then you initially open a companies’ portal. These changes are global and apply to all access points/devices under that Group. You can then go one layer deeper and apply additional configurations directly to a Virtual Controller. This will deploy the confirmation to only the access points associated with that Virtual Controller. The easiest example would be the following.

You create a new Aruba Central account for Company Test. Company Test has four separate locations, noted as Office1 thru Office4. Each office has 5 APs, and a VC named Office1-VC, etc., etc. Under the Group settings, you create an Internal and Guest SSID. These 2 SSIDs will be deployed to all access points across all four offices.

Now say Office4 is the only manufacturing plant and requires a separate SSID for the shop floor. There’s no need to apply that to the entire Group/all locations, so you would simply click on the Office4-VC link in Aruba Central, and create the new SSID as needed. Office4 will still inherit the company-wide Internal and Guest SSIDs but will also have its own local SSID called ShopFloor. The tricky part, or the portion that I learned, is that you can easily miss any other SSIDs if you are only looking at the Group configuration and not keeping an eye on the VCs as well.

Have any questions about Aruba Controller Configurations? Please reach out to our team at any time!

This publication contains general information only and Sikich is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or any other professional advice or services. This publication is not a substitute for such professional advice or services, nor should you use it as a basis for any decision, action or omission that may affect you or your business. Before making any decision, taking any action or omitting an action that may affect you or your business, you should consult a qualified professional advisor. In addition, this publication may contain certain content generated by an artificial intelligence (AI) language model. You acknowledge that Sikich shall not be responsible for any loss sustained by you or any person who relies on this publication.

About the Author