Aruba Edge User guide

Using Aruba Orchestrator - 9.1.1

January 13, 2023

Using Aruba Orchestrator - 9.1.1 January 13, 2023

Copyright and Trademarks

©

subject to change without notice. The only warranties for Hewlett Packard Enterprise products and

services are set forth in the express warranty statements accompanying such products and services.

Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise

shall not be liable for technical or editorial errors or omissions contained herein. Aruba Networks and

the Aruba logo are registered trademarks of Aruba Networks, Inc. Third-party trademarks mentioned

are the property of their respective owners. To view the end-user soware agreement, go to: Aruba EULA

Support

For product and technical support, contact support at either of the following:

1.800.943.4526 (toll-free in USA and Canada)

+1.408.941.4300

www.silver-peak.com/support

We are dedicated to continually improving our products and documentation. If you have suggestions

or feedback for our documentation, send an e-mail to sp-[email protected]om.

Aruba EdgeConnect SD-WAN Edge Platform 2

T  C

Using Aruba Orchestrator - 9.1.1 15

What’s New 16

Orchestrator 9.1.1 ......................................... 16

Aruba Central Integration ................................. 16

Deploy Cloud Hubs in Azure ................................ 16

Getting Started 17

Supported Browsers ....................................... 17

Guidelines for Creating Passwords ................................ 17

Overview of SD-WAN Prerequisites ............................... 17

Menu Options 20

Monitoring ............................................ 20

Configuration ........................................... 20

Administration .......................................... 20

Orchestrator ........................................... 20

Support .............................................. 21

Monitoring ............................................ 21

Monitoring > Summary ................................... 21

Dashboard ..................................... 21

Topology ...................................... 22

Health Map ..................................... 24

Alarms Tab ..................................... 26

Disable Alarms ............................... 27

Customize Alarms ............................. 27

Alarm Severity ............................... 27

Alarm Recipients .............................. 28

Additional Alarm Indications ....................... 28

List of Alarms ................................ 28

EdgeConnect Appliance Alarms ................... 29

Orchestrator Alarms ......................... 47

Monitoring > Reporting ................................... 69

Schedule and Run Reports ............................ 69

View Reports .................................... 70

Sample Report ............................... 71

Scheduled and Historical Jobs .......................... 71

Monitoring > Bandwidth .................................. 72

Overlay-Interface-Transport ............................ 72

Interface Bandwidth Trends ............................ 73

Interface Summary ................................. 74

Application Bandwidth .............................. 75

Application Pie Charts ............................... 75

Application Trends ................................. 76

3

Using Aruba Orchestrator - 9.1.1 January 13, 2023

Top Talkers ..................................... 77

Domains ...................................... 78

Countries ...................................... 79

Ports ........................................ 80

Traic Behavior .................................. 81

Appliance Bandwidth ............................... 82

Appliance Max Bandwidth ............................. 83

Appliance Bandwidth Utilization ......................... 84

Appliance Bandwidth Trends ........................... 84

Appliance Packet Counts ............................. 84

Tunnels Bandwidth ................................ 85

Show Underlays .............................. 85

Traceroute ................................. 86

Live View .................................. 86

Tunnels Pie Charts ................................. 87

Tunnel Bandwidth Trends ............................. 88

Tunnel Packet Counts ............................... 89

DRC Bandwidth Trends .............................. 90

Dynamic Rate Control ........................... 90

Flows - Active and Recent ............................. 91

Reset or Reclassify Flows ......................... 92

Additional Information about Flows ................... 93

ECOS 9.1 Behavior Changes ..................... 93

ICMP/UDP Flows ........................... 93

TCP Non Accelerated Flows ..................... 93

TCP Accelerated Flows ........................ 93

Appliance Flow Counts .............................. 94

Appliance Flow Trends ............................... 94

Tunnel Flow Counts ................................ 95

DSCP Bandwidth .................................. 95

DSCP Pie Charts .................................. 96

DSCP Trends .................................... 97

Traic Class Bandwidth .............................. 98

Traic Class Pie Charts ............................... 99

QoS (Shaper) Trends ................................ 99

Shaper Summary ................................. 100

Boost Tab ...................................... 101

Boost Trends ................................ 102

Change Boost Configuration ........................ 102

Firewall Drops ................................... 103

Monitoring > Tunnel Health ................................ 104

Live View ...................................... 104

Loss Summary ................................... 104

Loss Trends ..................................... 105

Jitter Summary .................................. 106

Jitter Trends .................................... 107

Latency Summary ................................. 108

Latency Trends ................................... 109

Out of Order Packets Summary .......................... 110

Out of Order Packets Trends ............................ 111

Mean Opinion Score (MOS) Summary ....................... 112

Aruba EdgeConnect SD-WAN Edge Platform 4

Using Aruba Orchestrator - 9.1.1 January 13, 2023

Mean Opinion Score (MOS) Trends ........................ 113

Tunnels Summary ................................. 114

Configuration ........................................... 115

Configuration > Overlays & Security ............................ 115

Business Intent Overlays .............................. 115

Overview .................................. 116

SD-WAN Traic to Internal Subnets .................... 116

Building SD-WAN Using These Interfaces .............. 117

Service Level Objective ........................ 117

Link Bonding Policy .......................... 117

QoS, Security, and Optimization ................... 118

Breakout Traic to Internet and Cloud Services ............. 118

Hub Versus Branch Breakout Settings ................ 118

Preferred Policy Order and Available Policies ............ 119

Break Out Locally Using These Interfaces, Available Interfaces, and

Link Selection ..................... 119

Apply Overlays ................................... 120

Interface Labels .................................. 120

Manage Labels ............................... 120

Create a Label ............................. 121

Edit a Label .............................. 121

Delete a Label ............................. 121

Hubs ........................................ 122

Deployment Profiles ................................ 122

Map Labels to Interfaces .......................... 123

LAN-side Configuration: Segments and Firewall Zones ......... 123

LAN–side Configuration: DHCP ...................... 123

WAN–side Configuration .......................... 125

A More Comprehensive Guide to Basic Deployments .......... 126

Bridge Mode ................................ 126

Router Mode ................................ 127

Server Mode ................................ 131

Deployment - EdgeConnect HA .......................... 131

Enable EdgeConnect HA Mode ...................... 131

IPSec over UDP Tunnel Configuration ................... 132

VRRP Configuration ............................ 132

LAN-side Monitoring ............................ 132

Firewall Zones ................................... 132

Internet Traic ................................... 133

IPSec Pre-Shared Key Rotation .......................... 134

Failure Handling and Orchestrator Reachability ............. 134

Schedule IPSec Key Rotation Dialog Box ................. 135

Intrusion Detection System (IDS) ......................... 135

Prerequisites ................................ 136

Enable or Disable IDS on Appliances ................... 136

Enable or Disable Rules with the IDS Allow List .............. 137

Specify Traic to Be Inspected ...................... 138

Advanced Reporting and Analytics .................... 139

SSL Certificates Tab ................................ 140

SSL CA Certificates Tab .............................. 141

SSL for SaaS Tab .................................. 142

Aruba EdgeConnect SD-WAN Edge Platform 5

Using Aruba Orchestrator - 9.1.1 January 13, 2023

Discovered Appliances ............................... 143

Preconfigure Appliances .............................. 144

Appliance Configuration Wizard .......................... 145

EC-Enterprise Licenses ............................... 148

Assign a License to an Appliance ..................... 148

EC-Metered Licenses ................................ 149

Assign a License to an Appliance ..................... 150

Bandwidth Usage Report ......................... 150

Feature License Usage Report ....................... 150

Cloud Portal .................................... 151

Configuration > Networking ................................ 151

Deployment Tab .................................. 151

Interfaces Tab ................................... 153

Terminology ................................ 154

Interfaces Edit Row ................................. 154

NAT ......................................... 156

NAT Rules and Pools ................................ 156

NAT Pools ............................... 157

VRRP Tab ...................................... 158

WCCP Tab ...................................... 158

PPPoE Tab ..................................... 159

Loopback Interfaces ................................ 161

Loopback Orchestration .............................. 161

Virtual Tunnel Interfaces (VTI) ........................... 162

VTI Dialog Box ............................... 162

DHCP Server Defaults ............................... 163

DHCP Settings ............................... 163

DHCP Leases .................................... 165

DHCP Failover ................................... 165

DHCP Failover State ................................ 166

Link Aggregation .................................. 167

View Aggregation Details ......................... 167

Modify Link Aggregation .......................... 168

Add a Channel Group ......................... 168

Modify a Channel Group ....................... 169

Delete a Channel Group ....................... 169

Regions ....................................... 169

Regional Routing ........................... 169

View Status .............................. 170

Edit Regions .............................. 170

Routing Segmentation ............................... 171

Segment Configuration ........................ 171

Delete a Segment ........................... 174

Management Services ............................... 175

Management Services Dialog Box ......................... 175

Inter-segment DNAT Exceptions .......................... 176

Inter-segment SNAT Exceptions .......................... 177

BGP Tab ...................................... 177

BGP Information .................................. 179

Add Peer ...................................... 180

BGP Inbound and Outbound Route Redistribution Maps ............ 181

Aruba EdgeConnect SD-WAN Edge Platform 6

Using Aruba Orchestrator - 9.1.1 January 13, 2023

Routes Tab ..................................... 183

Route Maps ................................. 183

Edit or Add Routes ................................. 186

Add Routes ................................. 187

Import Subnets .................................. 188

SD-WAN Fabric Route Redistribution Maps .................... 188

OSPF Tab ...................................... 190

OSPF Edit Row ................................... 190

Add Interface .................................... 191

OSPF Route Redistribution Maps ......................... 191

Multicast ...................................... 193

Multicast Dialog Box ................................ 193

Peer Priority Tab .................................. 194

Peer Priority Edit Row ............................... 195

Admin Distance Tab ................................ 196

Management Routes Tab ............................. 196

Tunnels Tab .................................... 197

Troubleshooting .............................. 199

Use Passthrough Tunnels ......................... 199

Tunnel Exception .................................. 199

Schedule Auto MTU Discovery ...........................200

Configuration > Policies ..................................200

DNS Proxy Policies .................................200

Configure DNS Proxy Policies ........................... 201

Route Policies Tab ................................. 201

Priority ...................................202

Match Criteria ...............................202

Source or Destination ........................... 202

Wildcard-based Prefix Matching ...................... 203

QoS Policies Tab .................................. 203

Handle and Mark DSCP Packets ......................204

Apply DSCP Markings to Optimized (Tunnelized) Traic ......204

Apply DSCP Markings to Pass-through Traic ............206

Priority ................................... 207

Match Criteria ............................... 207

Source or Destination ...........................208

Wildcard-based Prefix Matching ......................208

Schedule QoS Map Activation ...........................208

Optimization Policies Tab .............................209

Priority ...................................209

Match Criteria ...............................209

Source or Destination ........................... 210

Wildcard-based Prefix Matching ...................... 210

Set Actions ................................. 210

TCP Acceleration Options ............................. 212

NAT Policies Tab .................................. 215

Advanced Settings ............................. 217

Match Criteria ............................. 217

Source or Destination ........................ 217

Wildcard-based Prefix Matching ................... 218

Set Actions .............................. 218

Aruba EdgeConnect SD-WAN Edge Platform 7

Using Aruba Orchestrator - 9.1.1 January 13, 2023

Merge / Replace ............................ 219

Inbound Port Forwarding ............................. 219

Security Policies Tab ................................ 220

Wildcard-based Prefix Matching ...................... 221

Access Lists Tab .................................. 222

Match Criteria ............................... 222

Wildcard-based Prefix Matching ...................... 223

Address Groups .................................. 223

Add an Address Group ........................... 223

Add a Rule to an Address Group ...................... 224

Delete an Address Group ......................... 225

Export Address Groups ........................... 225

Import Address Groups .......................... 226

View a Single Address Group ....................... 227

Edit or Delete a Rule ............................ 227

Using Address Groups in Match Criteria .................. 227

Address Group Formats .......................... 228

Service Groups ................................... 228

Add a Service Group ............................ 228

Add a Rule to a Service Group .......................230

Delete a Service Group ........................... 231

Export Service Groups ........................... 231

Import Service Groups ........................... 231

View a Single Service Group ........................ 232

Edit or Delete a Rule ............................ 232

Using Service Groups in Match Criteria .................. 233

Shaper Tab ..................................... 233

SaaS Optimization Tab ............................... 236

Configure for SaaS Optimization ..................... 236

SaaS Optimization Dialog Box ........................... 236

Application Definitions .............................. 237

Application Groups Tab .............................. 238

Threshold Crossing Alerts Tab ........................... 239

ON by Default ............................. 241

OFF by Default ............................ 241

IP SLA Tab ..................................... 242

IP SLA Monitor Use Cases ......................... 242

Configuration > Templates ................................. 248

Templates Overview ................................ 248

Template Groups .................................. 249

System Template .................................. 249

SNMP Template .................................. 251

SNMP v1/v2 .............................. 251

SNMP v3 ................................ 252

Trap Receivers ............................ 252

Flow Export Template ............................... 253

DNS Template ................................... 253

Logging Template ................................. 253

Minimum Severity Levels ......................... 254

Configure Remote Logging ........................ 255

Banner Messages Template ............................ 255

Aruba EdgeConnect SD-WAN Edge Platform 8

Using Aruba Orchestrator - 9.1.1 January 13, 2023

Date/Time Setting .................................256

Data Collection ............................... 256

HTTPS Certificate Template ............................ 257

User Management Template ............................258

Default User Accounts ...........................258

Command Line Interface Privileges .................... 258

SSL Certificates Template ............................. 259

SSL CA Certificates Template ...........................260

SSL for SaaS Template ...............................260

Auth/Radius/TACACS+ Template ......................... 261

Authentication and Authorization ..................... 262

Appliance-based User Database ...................... 262

RADIUS ................................... 262

TACACS+ .................................. 263

What Is Recommended .......................... 263

DNS Proxy Policies ................................. 263

Tunnels Template ................................. 263

VRRP Template ...................................266

Peer Priority Template ...............................268

Admin Distance Template ............................. 269

Route Redistribution Template ..........................269

Shaper Template .................................. 270

Dynamic Rate Control ........................... 270

QoS Policies Template ............................... 272

Priority ................................... 273

Match Criteria ............................... 273

Source or Destination ........................... 273

Wildcard-based Prefix Matching ...................... 274

Handle and Mark DSCP Packets ...................... 274

Apply DSCP Markings to Optimized (Tunnelized) Traic ...... 274

Apply DSCP Markings to Pass-through Traic ............ 275

Routes Template .................................. 277

BGP Template ................................... 278

OSPF Template ................................... 279

Optimization Policies Template ..........................280

Priority ................................... 281

Match Criteria ............................... 281

Source or Destination ........................... 281

Wildcard-based Prefix Matching ......................282

Set Actions Fields .............................282

TCP Acceleration Options ............................. 283

Route Policies Template .............................. 287

Why? ....................................288

Priority ...................................288

Match Criteria ...............................288

Source or Destination ...........................289

Wildcard-based Prefix Matching ......................289

Set Actions Fields .............................289

Where the Appliance Directs Traic .................289

How Traic Is Managed If a Tunnel Is Down .............290

Aruba EdgeConnect SD-WAN Edge Platform 9

Using Aruba Orchestrator - 9.1.1 January 13, 2023

NAT Policies Template ...............................290

When to NAT ................................290

Advanced Settings ............................. 291

Match Criteria ............................. 292

Source or Destination ........................ 292

Wildcard-based Prefix Matching ................... 292

Set Actions .............................. 293

Merge / Replace ............................ 293

Threshold Crossing Alerts Template ........................ 293

ON by Default .............................294

OFF by Default ............................ 295

TCA Metrics ................................. 295

SaaS Optimization Template ...........................296

TIPS ..................................... 297

Security Policies Template ............................. 297

Implicit Drop Logging .........................298

Template ...............................298

Wildcard-based Prefix Matching ......................298

CLI Template ....................................299

Session Management Template ..........................299

Management Services Template ......................... 301

Apply Template Groups .............................. 301

Configuration > Cloud Services .............................. 301

AWS Transit Gateway Network Manager ..................... 301

Prerequisites for AWS Transit Gateway Network Manager . . . . . 302

Orchestrator Configuration ......................305

Microso Azure Virtual WAN ............................309

Microso Azure Prerequisites ....................... 310

Orchestrator Prerequisites ......................... 310

Orchestrator Configuration ........................ 310

Verification ................................. 312

Check Point CloudGuard Connect ......................... 312

Subscription ............................. 312

Interface Labels ............................ 313

Tunnel Settings ............................ 313

LAN Subnets ............................. 313

Enabling Check Point CloudGuard Connect ............. 313

Verification .............................. 313

Import and Export Subnets ............................ 313

Microso Oice 365 ................................ 315

Zscaler Internet Access .............................. 315

Enable Zscaler ............................... 318

Verification ................................. 319

Service Orchestration ............................... 319

Prerequisites ................................320

Remote Endpoint Configuration ...................... 320

Add Endpoints One at a Time ....................320

Add Endpoints in Bulk ........................ 321

Bulk Edits .................................. 322

Interface Labels .............................. 322

Tunnel Settings ............................... 322

Aruba EdgeConnect SD-WAN Edge Platform 10

Using Aruba Orchestrator - 9.1.1 January 13, 2023

IP SLA Settings ............................... 322

Pause Orchestration (Optional) ...................... 323

+BIO Breakout ............................... 323

Remote Endpoint Association ....................... 323

Add Tunnel Local Identifiers to Netskope ................. 324

Verification ................................. 324

Set Up a New Service ........................... 324

Deploy Cloud Hubs ................................. 324

Cloud Hubs in AWS ................................. 325

Create or Modify an AWS Account ..................... 326

Deploy a New EC-V ............................. 326

Remove an EC-V .............................. 326

AWS Accounts ................................... 327

AWS Account Configuration ............................ 327

Create a Policy with Required Permissions ................ 327

Attach Policy to the Orchestrator IAM User Account ........... 328

Download Orchestrator IAM User Account Credentials .......... 328

Create a Key Pair to Assign to EC-Vs .................... 328

Add the AWS Account to Orchestrator ................... 328

AWS Deployment Configuration ..........................328

Cloud Hubs in Azure ................................ 331

Create or Modify an Azure Subscription .................. 332

Deploy a New EC-V ............................. 332

Remove an EC-V .............................. 332

Azure Subscriptions ................................ 332

Add New Azure Subscription ....................... 333

Edit an Existing Azure Subscription .................... 333

Azure Subscription Configuration ......................... 333

Accept Azure Marketplace Image Terms .................. 333

Create a New App Registration ...................... 335

Create a New Resource Group ....................... 336

Create a Custom Role ........................... 336

Assign the Custom Role to the Resource Group .............. 339

Add the Azure Subscription to Orchestrator ............... 339

Deployment Configuration Azure .........................340

Administration ..........................................342

Administration > General Settings ............................. 342

Appliance User Accounts Tab ........................... 342

Auth/RADIUS/TACACS+ Tab ............................ 343

Authentication and Authorization ..................... 343

RADIUS and TACACS+ ...........................344

Date/Time Tab ...................................344

DNS (Domain Name Servers) Tab ......................... 345

SNMP Tab ......................................346

SNMP Overview ..............................346

Modify SNMP Configuration ........................ 347

SNMP v1/v2 .............................. 347

SNMP v3 ................................ 347

Trap Receivers ............................348

Flow Export Tab ..................................348

Custom Information Elements .......................348

Aruba EdgeConnect SD-WAN Edge Platform 11

Using Aruba Orchestrator - 9.1.1 January 13, 2023

Logging Tab .................................... 352

Severity Levels ............................... 352

Remote Logging .............................. 352

Banners Tab .................................... 353

HTTPS Certificate Tab ............................... 353

Orchestrator Reachabililty Tab .......................... 354

Custom Appliance Tags .............................. 355

Administration > Soware ................................. 355

System Information ................................ 355

Soware Versions .................................360

Upgrade Appliance Soware ...........................360

Appliance Configuration Backup ......................... 361

View Configuration History ............................ 363

Restore a Backup to an Appliance ......................... 363

Remove Appliance from Orchestrator .......................364

Remove Appliance from Orchestrator and Account ............... 365

Administration > Tools ...................................365

Synchronize Appliance Configuration ....................... 365

Put the Appliance in System Bypass Mode ....................366

Broadcast CLI Commands ............................. 367

Link Integrity Test .................................368

TCPPERF Version 1.4.8 ...........................369

Disk Management ................................. 374

Erase Network Memory .............................. 375

Reboot or Shut Down an Appliance ........................ 376

Behavior During Reboot .......................... 377

Schedule an Appliance Reboot .......................... 377

Behavior During Reboot .......................... 378

Reachability Status Tab .............................. 378

Active Sessions Tab ................................ 379

Orchestrator ........................................... 379

Orchestrator > Orchestrator Server ............................380

Role Based Access Control .............................380

Roles ....................................380

Appliance Access .............................. 381

Assign Roles and Appliance Access ....................382

View Orchestrator Server Information ...................... 383

Restart, Reboot, or Shutdown ...........................384

Manage Orchestrator Users ............................384

Add a User .................................384

Multi-Factor Authentication ........................384

Configuring Multi-Factor Authentication Through an Application . 385

Configuring Multi-Factor Authentication Through Email ......386

Using Multi-Factor Authentication ..................386

Modify User .....................................386

API Key ....................................... 387

Remote Authentication ..............................388

Configure a RADIUS or TACACS+ Server .................. 389

Authenticate Using RADIUS or TACACS+ ...............389

Configure an OAuth Server ........................390

Prerequisites .............................390

Aruba EdgeConnect SD-WAN Edge Platform 12

Using Aruba Orchestrator - 9.1.1 January 13, 2023

Register Orchestrator as an App ...................390

Configure OAuth Server Properties in Orchestrator .........390

Configure a JWT Server .......................... 391

Configure a SAML Server .......................... 393

SAML and Orchestrator Configuration ................ 393

Cloud Portal .................................... 395

Audit Logs .....................................396

Orchestration Settings ............................... 397

Maintenance Mode .................................398

Tunnel Settings Tab ................................399

General Tab .................................399

General ................................399

Packet .................................400

Tunnel Health .............................400

FastFail Thresholds ..........................400

IKE Tab ...................................402

IPSec Tab ..................................402

Orchestrator Blueprint Export ...........................403

Brand Customization ................................404

Orchestrator > Soware & Setup ..............................404

Upgrade Orchestrator Soware ..........................404

Upgrade via HTTP .............................405

Upgrade via SCP ..............................405

Check for Orchestrator and Appliance Soware Updates ............405

Back Up on Demand ................................406

Schedule Orchestrator Backup ..........................406

Schedule Stats Collector Backup .........................408

SMTP Server Settings ...............................409

Proxy Configuration ................................ 410

Orchestrator HTTPS Certificate .......................... 410

Timezone for Scheduled Jobs ........................... 411

Orchestrator Advanced Properties ........................ 412

Change the Orchestrator Log Level ........................ 412

Minimum Severity Levels ......................... 413

IP Allow List .................................... 413

Orchestrator Getting Started Wizard ....................... 414

Statistics Retention ................................ 415

Stats Collector Configuration ........................... 416

Prerequisites ................................ 416

Before You Begin .............................. 416

Create a Remote Stats Collector ................... 417

Authenticate the Remote Stats Collector .............. 417

Configure the New Stats Collector Feature ................ 417

Add Remote Stats Collectors ..................... 418

Delete a Remote Stats Collector ................... 418

Associate Appliances with a Remote Stats Collector ........ 418

Associate Appliances with the Predefined Local Stats Collector . . 419

Enable the New Stats Collector ................... 419

Discontinue Legacy Stats Collection .................420

Notification Banner ................................420

Aruba EdgeConnect SD-WAN Edge Platform 13

Using Aruba Orchestrator - 9.1.1 January 13, 2023

Orchestrator > Aruba Central ................................420

Aruba Central Site Mapping ............................420

Prerequisites ................................ 421

Create Aruba Central Sites in Bulk .................. 421

Create an Aruba Central Account in Orchestrator ............. 422

Edit EdgeConnect to Aruba Central Site Mapping ............ 423

Check for Site List Updates ........................ 423

ClearPass Policy Manager ............................. 423

Manage ClearPass Policy Manager Accounts ............... 424

View ClearPass Policy Manager Accounts .............. 425

Add a ClearPass Policy Manager Server ............... 425

Edit a ClearPass Policy Manager Server ............... 425

Pause ClearPass Policy Manager Integration ...............426

Support ..............................................426

Support > Technical Assistance ..............................426

Tech Support - Appliances .............................426

Tech Support - Orchestrator ............................ 427

Take Action with Files ........................... 427

Log In to the Support Portal ............................428

Monitor Transfer Progress .............................428

Packet Capture ................................... 429

Upload Local Files .................................429

Create a Support Case ...............................430

Partition Management ...............................430

Remote Log Receivers ............................... 431

HTTP Receiver Settings ........................ 431

HTTPS Receiver Settings ....................... 432

KAFKA Receiver Settings ....................... 432

SYSLOG Receiver Settings ...................... 432

WEBSOCKET Receiver Settings .................... 433

WebSocket Receiver Configuration ................. 433

Routing Peers Table ................................434

RMA Wizard .....................................434

Run the RMA Wizard ............................ 435

Add a Backup Appliance ..........................436

Upgrade and Downgrade .........................436

Support > User Documentation ..............................436

Built-in Policies ...................................436

Support > Reporting .................................... 437

Realtime Charts .................................. 437

Historical Charts ..................................438

Appliance Charts ..................................438

Internal Drop Trends ................................439

Appliance Memory Trends ............................. 441

System Performance ................................442

Appliance CPU Usage ...............................443

Appliance Crash Report ..............................444

Orchestrator Debug ................................445

IPSec UDP Status ..................................445

Unverified Emails .................................446

Aruba EdgeConnect SD-WAN Edge Platform 14

U A O - ..

This section contains information about how to get started with Aruba Orchestrator and how to use

Orchestrator to manage your Aruba EdgeConnect SD-WAN Edge Platform products.

15

W’ N

This page provides a brief description and links to additional information about new features in the

recent Orchestrator release.

Orchestrator 9.1.1

The following features were introduced in Orchestrator 9.1.1:

Aruba Central Integration

Orchestrator now allows integration of Aruba EdgeConnect devices in Aruba Central. Once integrated,

EdgeConnect device alerts can be monitored in the Network Health tab in Aruba Central. For more

information, see Aruba Central Site Mapping.

Deploy Cloud Hubs in Azure

This release supports deployment of EC-Vs in the Azure cloud from Aruba Orchestrator. For more

information, see Cloud Hubs in Azure.

16

G S

Orchestrator enables you to globally monitor performance and manage EdgeConnect (EC) appliances,

whether you are configuring a WAN Optimization network (NX, VX, or VRX appliances) or an SD-WAN

network (EC or EC-V appliances).

On this page:

•Supported Browsers

•Guidelines for Creating Passwords

•Overview of SD-WAN Prerequisites

Supported Browsers

Orchestrator and the Appliance Web user interfaces support the following browsers:

•Google Chrome (recommended)

•Microso Edge

•Mozilla Foxfire

•Opera

•Safari

We recommend that you use the latest version available for your browser.

Guidelines for Creating Passwords

•Passwords should be a minimum of eight characters.

•There should be at least one lower case letter and one upper case letter.

•There should be at least one digit.

•There should be at least one special character.

•Consecutive letters in the password should not be dictionary words.

Overview of SD-WAN Prerequisites

With Orchestrator, you create virtual network overlays to apply business intent to network segments.

Provisioning a device is managed by applying profiles.

•Interface Labels associate each interface with a use.

– LAN labels refer to traic type, such as VoIP,data, or replication.

– WAN labels refer to the service or connection type, such as MPLS,internet, or Verizon.

17

Using Aruba Orchestrator - 9.1.1 January 13, 2023

•Deployment Profiles

configure the interfaces and map the labels to them, to characterize the

appliance.

•Business Intent Overlays

use the Labels specified in Deployment Profiles to define how traic

is routed and optimized between sites. These overlays can specify preferred paths and can link

bonding policies based on

application

,

VLAN

, or

subnet

, independent of the brand and physical

routing attributes of the underlay.

This diagram shows the basic architecture and capabilities of Overlays.

Including a new appliance into the SD-WAN fabric consists of two basic steps:

1. Registration and discovery.

Aer you

Accept

the discovered appliance, the

Configuration

Wizard opens.

2. Provisioning.

Because the wizard prompts you to select profiles, it is easier to create these

ahead of time.

The following figure shows the process of installing and provisioning an appliance for SD-WAN.

Aruba EdgeConnect SD-WAN Edge Platform 18

Using Aruba Orchestrator - 9.1.1 January 13, 2023

Aruba EdgeConnect SD-WAN Edge Platform 19

M O

All of Orchestrator’s monitoring and configuration options are organized into five main menu groups,

or tabs, located at the top of the main screen, including the following:

•Monitoring

•Configuration

•Administration

•Orchestrator

•Support

Monitoring

The options under the

Monitoring

tab focus on reports related to performance, traic, and appliance

status. Additionally, Threshold Crossing Alerts are helpful in monitoring your network.

Configuration

The options under the

Configuration

tab focus on how to configure Orchestrator. The options available

under this menu are organized as follows:

•Overlays & Security

•Networking

•Templates & Policies

•Cloud Services

Administration

The options under the

Administration

tab are related to appliance administration. They include

general settings, soware management, and tools for troubleshooting and maintenance.

Orchestrator

The options under the

Orchestrator

tab are used for managing Orchestrator itself. These options do

not relate to managing appliances.

20

Page is loading ...

Aruba Edge, Using Orchestrator - 9.1.1 User guide