IAP Static IP



To verify if the settings are changed, execute the command “printenv”
1. Login to Instant web interface:
2. Select AP and click “edit”
3. Configure IP details and click OK.
Reboot AP from Maintenance menu

RAP-3WNP Basic Config

To factory reset the RAP-3:
-Remove power to RAP
-Insert a small object into the reset hole and press and hold the button
-Continue holding the button in while powering on the RAP-3.

-Hold this for up to 10 seconds.  The lights on the RAP will flash

-You must connect WAN ethernet cable to E0.
Otherwise you won’t get instant open ssid
-turn on its power and wait 4min
-connect your pc wifi to “instant” open ssid
you will get ip
on the LAN, you will get ip after configuration if DHCP Server is not configured
Username: admin

Password: admin

-click System/General
NTP server: id.pool.ntp.org
Timezone: Jakarta UTC+07
-click System/Admin
change password
-click 1 Network/New
WLAN Settings
   Name: aruba
   Privacy usage: Employee
   Client IP assignment: Network assigned
   lient VLAN assignment: Default

   click Finish

Set DHCP Server
-click More/DHCP Server
Domain name: ngtrain.com

DNS Server(s):,

Allow all to wired-instant
-click Security/Roles/wired-instant

   set to Allow any to all destinations

To remove Network
-click unwanted Network

   on the right, you will see x, click that

To set Internal user for authentication

-click Security/Users for Internal Server

To set AD for authentication
-click Security/Authentication Servers
-click New
Name: AD1
IP address:
Auth port: 389
Admin-DN: aruba
Admin password:
Retype password:
Base-DN: cn=Users,dc=ngtrain,dc=com
Filter: (objectclass=*)

Key attribute: sAMAccountName

To set Captive portal for Guest users
-click Networks/New
WLAN Settings
  Name: Guest
   Primary usage: Guest
Client IP & VLAN Assignment
   click Network assigned
   click Default
Security Level
   Splash page type: Internal – Authenticated
   Auth server 1: here choose InternalServer or AD1 (can’t choose both)
click Finish

-user need to connect to Guest SSID then authenticate either using InternalServer or AD user first

To convert from IAP to RAP or CAP
-click Maintenance/Convert
Convert one or more Access Points to:
Remote APs managed by a Mobility Controller
Campus APs managed by a Mobility Controller

Standalone AP

To get Tech Support dump

-click More/Support/Run

To backup configuration
-click Maintenance/Configuration tab

-click Backup Configuration

To upgrade firmware
-every time you doing upgrade. You must back up the configuration first, otherwise it will gone after upgrading firmware
-download Conservative firmware from
-click Maintenance/About tab
noted down current firmware version
-click Firmware tab
click Browse and point to the downloaded firmware
click Upgrade Now
Conservative vs Standard difference
Over the years there has been a lot of confusion around the “Early Deployment (ED)” and “General Availability (GA)” tags.  These tags implied incorrect classifications and did not do an effective job indicating which release a customer should choose.  Any customer with a valid support account could download all releases with either tag.  The GA tag implied only the GA code could be freely downloaded and the ED tag gave the perception the releases were Beta code, not fully tested and not supported.
We are updating the names to clarify the differences between the releases and make it easier to know which release to run.  GA is renamed the Conservative release.  Conservative releases are for customers who prioritize stability over new features.  Customers who only run code that has soaked in the field at hundreds of customer sites should run the Conservative release.  Releases will typically take ~3-6 months to earn the Conservative tag.  ED is renamed the Standard release with no tag associated with it.  These releases have gone through full Aruba QA testing including system, scale and regression testing and they are fully supported by Aruba TAC.

Backup Aruba config using Expect

In this test, I am using MC3400 as an example
I install tftp server and expect in Ubuntu, so that I can set cronjob to backup every week

P: Password
Enable password: enable

-set correct timezone
# timedatectl set-timezone Asia/Jakarta

-Install TFTP Server
# apt-get install tftpd-hpa
# mkdir /tftpboot
# chmod -R 777 /tftpboot
# chown -R nobody /tftpboot

# cat /etc/default/tftpd-hpa
TFTP_OPTIONS=”-s -c -l”

# service tftpd-hpa restart

-install tftp client to test upload file is working
# apt-get install tftp
# touch test.txt
# tftp
tftp> put test.txt
# ls /tftpboot
file test.txt should be there

-Install AutoExpect
# apt-get install expect-dev -y

-create backup script
# cat backup-aruba.sh
#!/usr/bin/expect -f
set DATE [exec date +%Y%m%d%H%M]
spawn ssh admin@
expect “password:”
send — “Password\r”
expect “>”
send — “enable\r”
expect “Password:”
send — “enable\r”
expect “#”
send — “copy running-config tftp: $DATE-config.cfg\r”
send — “tar logs tech-support\r”
send — “copy flash: logs.tar tftp: $DATE-logs.tar\r”
send — “backup flash\r”
send — “copy flash: flashbackup.tar.gz tftp: $DATE-flashbackup.tar.gz\r”
send — “copy flash: local-userdb-export tftp: $DATE-local-userdb.bin\r”
send — “exit\r”
send — “exit\r”
expect eof
1. How to get Aruba hostname (show hostname) and put into Expect variable
2. Need to find out what files need to back up in CPPM and VMC, and what are the commands

Reuse evaluation key

Using the trial/eval keys, you can re-use them 3 times for up to 90 days.
After 90 days or before, you will have to backup the config (NOT a flash backup), wr erase all, and then either re-configured (great practice) or paste in the new config.
You cannot use the flash backup as it will restore the old key timers and will show expired upon reboot.
Backup Config Only
In the WebUI
1.Navigate to the Maintenance > File > Copy Files page.
2.Select the source where the file or image exists.
3.Select the destination to where the file or image is to be copied.
4.Click Apply.
In the CLI
copy startup-config flash: <filename>
copy startup-config tftp: <tftphost> <filename>
copy running-config flash: <filename>
copy running-config ftp: <ftphost> <user> <password> <filename> [<remote-dir>]
copy running-config startup-config
copy running-config tftp: <tftphost> <filename>
The default.cfg cannot be overwritten at runtime through tftp/ftp.
Copy the file into the controller under a different name, then set boot boot config-file to that file.
After a reboot, if you would like this to be your default.cfg, set the boot config-file back to default.cfg
then issue a write mem.

Upgrade Aruba Mobility Controller Firmware

1. Backup config
#backup flash
-click Maintenance/File/Backup Flash/Create Backup
-list backup file
-rw-r–r–    1 root     root          446 Jan 11 06:35 AUDITTRAIL-HISTORY.log
-rw-r–r–    1 root     root          230 Jan 11 06:35 AUDITTRAIL-LOGIN_OUT-HISTORY.log
-rw-r–r–    1 root     root        14136 Jan 11 06:34 default.cfg
-rw-r–r–    1 root     root         7617 Jan 11 06:16 default.cfg.2016-01-11_06-16-50
-rw-r–r–    2 root     root         7698 Jan 11 06:24 default.cfg.2016-01-11_06-24-03
-rw-r–r–    1 root     root        10621 Jan 11 06:34 default.cfg_writemem_2016-01-11_06-34-53
drwxr-xr-x    3 root     root         1024 Jan 11 06:26 fieldCerts
-rw-r–r–    1 root     root        23327 Jan 12 00:29 flashbackup.tar.gz
-rw-r–r–    1 root     root         1324 Nov  8 17:22 lic
-rw-r–r–    2 root     root         7698 Jan 11 06:24 original.cfg
drwx——    2 root     root         1024 Nov  8 10:02 tpm
-copy backup somewhere else
#copy flash: flashbackup.tar.gz ftp: ftp Password
Maintenance/File/Backup Flash/Copy Backup
-export license
#license export license
-rw-r–r–    1 root     root          446 Jan 11 06:35 AUDITTRAIL-HISTORY.log
-rw-r–r–    1 root     root          230 Jan 11 06:35 AUDITTRAIL-LOGIN_OUT-HISTORY.log
-rw-r–r–    1 root     root        14136 Jan 11 06:34 default.cfg
-rw-r–r–    1 root     root         7617 Jan 11 06:16 default.cfg.2016-01-11_06-16-50
-rw-r–r–    2 root     root         7698 Jan 11 06:24 default.cfg.2016-01-11_06-24-03
-rw-r–r–    1 root     root        10621 Jan 11 06:34 default.cfg_writemem_2016-01-11_06-34-53
drwxr-xr-x    3 root     root         1024 Jan 11 06:26 fieldCerts
-rw-r–r–    1 root     root        23327 Jan 12 00:29 flashbackup.tar.gz
-rw-r–r–    1 root     root         1324 Nov  8 17:22 lic
-rw-r–r–    1 root     root         1469 Jan 12 00:48 license
-rw-r–r–    2 root     root         7698 Jan 11 06:24 original.cfg

drwx——    2 root     root         1024 Nov  8 10:02 tpm

2. Download firmware

A. Go the the Aruba support site.
(Login with your partner account)
Read the release notes for upgrade order i.e
Upgrading From an Older version of ArubaOS Before you begin, verify the version of ArubaOS currently running on your controller. If you are running one of the following versions of ArubaOS, you must download and upgrade to an interim version of ArubaOS before upgrading to ArubaOS
For ArubaOS 3.x.versions earlier than ArubaOS, download the latest version of ArubaOS 3.4.5.x.
For ArubaOS 3.x or ArubaOS 5.0.x versions earlier than ArubaOS, download and install the latest version of ArubaOS 5.0.4.x.
For ArubaOS or versions, download and install the latest version of ArubaOS 6.0.1.x
Go to download software.
B. Choose the relevant ArubaOS that fit your controller model.
C. Read the release notes (upgrade notes)
D. Download the firmware to your pc.
E. Login to the the controller as admin
Go the maintenance

Choose the right method (I prefer ftp)

Use ftp much faster than tftp
3CDaemon (old..but working when needed – found some download links for u)
TFTPd (my favorite *There is also 64bit bersion)

Note: If you are planning to upgrade a 3200 to 6.2 that one requires that you upgrade the memory

3. upgrade non default boot

4. it will automatically reboot and choose partition that we upgrade (partition 1) as default boot

5. because current default boot is partition 1 and we want to upgrade all the latest firmware into partition 1.

We need to boot from partition 0 first then upgrade partition 1

boot from partition 1
You have to reboot the controller and enter in the cpboot mode.
You do it by when you reboot the controller just press mm enter enter until you get this mode…
It will tell press any key to enter in the cpboot but it just like 3 secs… so i just press enter until i get into it
After that
For Partition 0
cpboot> bootf 0
For Partition 1
cpboot> bootf 1
click Maintenance/Controller/Boot Parameters
6. Once partition 1 upgraded to latest version then we can do the same thing to partition 0

7. I encounter this error “write Device: No such file or directory” when I upgrade from 5.0.4.to

SOURCE: https://support.arubanetworks.com/Documentation/tabid/77/DMXModule/512/Command/Core_Download/Method/attachment/Default.aspx?EntryId=13579
Log in to the WebUI from the PC or workstation.
Navigate to the Maintenance > Controller > Image Management page. Select the Upload Local File option, and click the Browse button to navigate to the image file on your PC or workstation.
To see the current boot partition, navigate to the Maintenance > Controller> Boot Parameters page.
Select No for Reboot Controller After Upgrade. Reboot manually after the upgrade.
Click Upgrade. Ignore the following error message when the upgrade is complete: “write Device: No such file or directory”
Navigate to Controller > Boot Parameters. Make sure that the partition you upgraded to is the boot partition.
Navigate to Controller > Reboot Controller. Select Yes next to Save Current Configuration Before Reboot?
When the boot process is complete, log in to the WebUI and navigate to the Monitoring > Controller > Controller Summary page to verify the upgrade, including country code. The Country field displays the country code configured on the controller