Wednesday, January 8, 2020

PSA Aruba Support Advisory: Instant Clusters cannot connect to Central after February 07, before version 8.6.0.2

Hey guys,

just a small reminder for anyone who has Aruba APs managed in Aruba Central and did not get the announcements from Aruba.

tl;dr: Upgrade your firmware to 8.6.0.2, 8.5.0.5, 8.4.0.6, 8.0.3.11, 6.5.4.15 or 6.4.4.8-4.2.4.16 (depending on your possibilities).

If not, IAPs can not establish a new connection to Central anymore and return to being a locally managed cluster.

WHAT HAPPENS IF …

If the affected customer deployments are NOT upgraded by Feb 07, 2020, then,

• IAPs will continue to provide client connectivity and forward traffic as designed. There is no impact to WLAN operation of the Instant cluster.

• Existing connection of IAPs with Central and AirWave will continue to remain as is after February 07, 2020. However, if that connection were to reset due to either a loss of Internet connectivity, a reboot of AirWave, or a reset of Central, the impacted versions of IAP will not be able to reestablish a new SSL connection back to the management platform. This issue only affects connectivity between IAP and management platforms.

CUSTOMER DEPLOYMENTS NOT AFFECTED

This issue does NOT affect the following Instant deployment scenarios with any IAP platforms.

• Airwave managed deployments using PSK-based device authentication

• Instant customers not using Central, Airwave, or Activate, but locally managing Instant clusters

• Future deployments of un-provisioned APs in factory-default state

• If un-provisioned APs in factory-default state are deployed in an environment that offers connection to the internet for the APs to reach Activate, then Activate will be able to force an upgrade to a software version with a fix for the issue over an unsecure channel. The upgraded APs will then come back online, set up a secure connection with Activate, and proceed to the next step that includes redirection to Aruba Central or AirWave successfully.

• If un-provisioned APs in factory-default state are deployed in an environment that offers no connection to Internet for the APs to reach Activate, then Activate will not be able to perform an upgrade of the APs automatically. In such cases, the customer must manually upgrade the APs to a software version with the fix, by either using AirWave with PSK based authentication or using local management option within the master AP of the Instant cluster.

• New controller-based AP deployments

• If Internet connection is available to the APs in a new controller-based deployment, the APs will still reach out to Activate and Activate will force an upgrade of the APs to a software version with the fix. After the upgrade, the APs will connect to the controller.

• If Internet connection is not available, the APs will still be able to connect to the controller.

ARUBA TECHNICAL ASSISTANCE CENTER

Should you require any assistance or clarification regarding this advisory, you can open a support case through the Aruba Support Portal at https://asp.arubanetworks.com. To call, please use the numbers found @ https://www.arubanetworks.com/support-services/contact-support/



No comments:

Post a Comment