Aruba Central User guide

Aruba

SD-WAN Solution

User Guide

Copyright Information

Open Source Code

This product includes code licensed under the GNU General Public License, the GNU Lesser General

Public License, and/or certain other open source licenses. A complete machine-readable copy of the

source code corresponding to such code is available upon request. This offer is valid to anyone in

receipt of this information and shall expire three years following the date of the final distribution of

this product version by Hewlett Packard Enterprise Company. To obtain such source code, send a

check or money order in the amount of US $10.00 to:

Hewlett Packard Enterprise Company

6280 America Center Drive

San Jose, CA 95002

USA

Contents

Contents 3

About This Document 7

Intended Audience 7

Related Documents

In addition to this document, see the following documents for more details on the SD Branch devices and

Aruba Central:

nAruba Central Help Center

nArubaOS User Guide

nHPE-ArubaOS Switch Management and Configuration Guide

nAruba ClearPass Policy Manager User Guide

Conventions

Table 1 lists the typographical conventions used throughout this guide to emphasize important concepts:

Type Style Description

Italics This style is used to emphasize important terms and to mark the titles of books.

System items This fixed-width font depicts the following:

nSample screen output

nSystem prompts

Bold nKeys that are pressed

nText typed into a GUI element

nGUI elements that are clicked or selected

Table 1: Typographical Conventions

The following informational icons are used throughout this guide:

nIndicates helpful suggestions, pertinent information, and important things to remember.

nIndicates a risk of damage to your hardware or loss of data.

nIndicates a risk of personal injury or death.

Aruba SD-WAN Solution | User Guide 7

About This Document | 8

Terminology Change

As part of advancing HPE's commitment to racial justice, we are taking a much-needed step in overhauling

HPE engineering terminology to reflect our belief system of diversity and inclusion. Some legacy products

and publications may continue to include terminology that seemingly evokes bias against specific groups of

people. Such content is not representative of our HPE culture and moving forward, Aruba will replace

racially insensitive terms and instead use the following new language:

Usage Old Language New Language

Campus Access

Points +

Controllers

Master-Slave Conductor-Member

Instant Access

Points

Master-Slave Conductor-Member

Switch Stack Master-Slave Conductor-Member

Wireless LAN

Controller

Mobility Master Mobility Conductor

Firewall

Configuration

Blacklist, Whitelist Denylist, Allowlist

Types of

Hackers

Black Hat, White Hat Unethical, Ethical

Contacting Support

Main Site arubanetworks.com

Support Site support.arubanetworks.com

Airheads Social Forums and Knowledge

Base

community.arubanetworks.com

North American Telephone 1-800-943-4526 (Toll Free)

1-408-754-1200

International Telephone arubanetworks.com/support-services/contact-support/

Software Licensing Site lms.arubanetworks.com

End-of-life Information arubanetworks.com/support-services/end-of-life/

Security Incident Response Team Site: arubanetworks.com/support-services/security-bulletins/

Email: aruba-sirt@hpe.com

Table 2: Contact Information

Chapter 2

Aruba SD-Branch Solution

The Aruba SD Branch solution offers the best-in-class wireless and wired infrastructure and management

orchestration features with the SD-WAN capabilities. The SD Branch solution extends the SD-WAN concept

to all elements in the branch to deliver a full stack solution that addresses the business challenges of

distributed enterprises. Coupled with Aruba Central, the solution provides a cloud-hosted environment for

simplified operations and improved agility.

Why SD-WAN?

A traditional branch setup supports client connectivity requirements across different geographical locations

for various types of business operations. The sites in remote geographical locations serve as branch offices,

while the headquarters or main office serves as a data center that hosts network resources to store, manage,

and distribute data. The main office also hosts a centralized Virtual Private Network(VPN) management

system to aggregate traffic from the remote branch sites. A Wide Area Network (WAN) —with Multiprotocol

Label Switching (MPLS), T1, T3, Broadband, or Cellular links—is used for connecting multiple local area

networks to a central corporate network or data centers separated by distance.

Due to an increase in the number of client devices at the remote sites and the new bandwidth requirements,

branch office networks are expected rapidly scale to provide uninterrupted user experience. A traditional

branch infrastructure with multiple appliances, different operating systems, and management tools only

adds to the cost, involves a maintenance overhead, and demands skilled IT personnel.

The Aruba SD-WANsolution simplifies your branch deployments with a single management interface for

administering, managing, and monitoring your branch networks. It also provides a unified policy

enforcement framework with operational ease.

Key Features and Benefits

The SD-WANsolution comes with the following key capabilities:

nZero Touch Provisioning of devices—Ability to self-provision without operator's intervention.

nCentralized overlay management and control—A single cloud-based network management interface for

managing and monitoring SDBranch devices. Aruba Central, the cloud based network management

system, supports unified management of SDbranch devices with ZTP and hierarchical configuration.

nIPsec based Automatic VPN Tunnels—Support for high-performance and automatic IPsec VPN for secure

overlay networking.

nUnified security policy for wired, wireless, and WAN—Support for a common security policy framework

based on user roles for WAN, WLAN, and LAN users.

nDynamic path selection—Support for dynamically steering traffic or a service request to the best available

path. For example, you can configure a policy to dynamically route the real-time voice and video traffic on

the link with the lowest latency and jitter, and the bulk file traffic on the link with the maximum bandwidth.

nDeep Packet Inspection and Web Content Classification—Support for monitoring and analyzing application

usage by clients.

Aruba SD-WAN Solution | User Guide 9

Aruba SD-Branch Solution | 10

nVisibility, analytics, and troubleshooting—Dashboards for monitoring branch health, device performance,

and client connectivity metrics. Alerts, reports, and audit trails for monitoring and troubleshooting network

performance issues.

nPolicy-based Routing—In addition to the traditional destination-based routing, the SD Branch devices

support routing client traffic based on user role or type of application, For example, traffic generated from

the guest devices can be routed directly to the internet, while traffic from the employees can be routed to

the MPLS network.

For more information about how SD-WAN works, see Understanding SD-WAN.

Understanding SD-WAN

The SD-WAN solution includes a new set of devices called Aruba Gateways that inter-operate Aruba Switches

and Instant APs to provide a full-fledged WAN architecture.

Based on the size of your branch setup, you can choose device combination that best suits your

requirement:

nMedium to large branches—For branches that require more than 24 ports, you can use a combination of

Branch Gateways and one or more Aruba switches at the branch site, with ArubaGateways as

VPNConcentrator at the data center.

nSmall to medium branches—For branches that require less than 24 ports (including all

WANandLANports), you can deploy Branch Gateways at the branch sites, with ArubaGateways as

VPNConcentrator at the data center.

nMicro branches—For micro branches, you can deploy an Instant AP cluster at the branch site, with

ArubaGateway as the VPNConcentrator at the data center.

See Supported SD-Branch Components for information on Aruba Gateways that can be deployed as

VPNCs.

Figure 1 shows a typical deployment topology of an SD Branch with Branch Gateways and a micro branch

with Instant APs:

Figure 1 SD Branch Topology

Figure 2 illustrates the communication flow between Aruba Central, branch sites, and data center.

Aruba SD-WAN Solution | User Guide 11

Figure 2 Aruba Central and Cloud Communication

Figure 3 shows all elements in an SD Branch and the SD-WANdata flow.

Figure 3 Aruba SD-WANData Flow

What are the Solution Requirements?

Aruba SD-Branch Solution | 12

The ArubaGateways are the most important components of the Aruba SD-Branch Solution. The SD-WAN

Gateway portfolio includes and Aruba Branch Gateways and VPN Concentrators.

At the Branch Site

The following are the components in a branch:

nBranch Gateways—Function at the branch to optimize and control WAN, LAN, and cloud security

services.

nSwitches—Function with Branch Gateways to detect and isolate rogue APs, and blacklist rogue devices.

nInstant APs—Function as VPNclients at branch sites. The client data traffic from these APs are aggregated

by the VPN Concentrator located at the data center

At the Data Center

At the data center, you can deploy ArubaGateways as VPNConcentrator. For data center redundancy, you

can deploy two VPNconcentrators in the active-standby or active-active mode.

The following are the components operational at the Data Center:

nVPNC—A VPN Concentrator functions as a VPNmanagement system that aggregates data traffic from

the branches and terminates IPsec VPNtunnels.

nVirtual Gateway—The headend gateway at the enterprise data center can be hosted as a virtual

appliance. The virtualised instance enterprise data center gateway in public or private cloud is referred to

as Virtual Gateway. Aruba Virtual Gateways function as VPNConcentrators.

For a list of supported Gateways, Switches, and APs, see Supported SD-Branch Components.

In the Cloud

A valid Aruba Central subscription is required to avail cloud-based administration, management,

configuration and monitoring of SD branch components such as Branch Gateways, VPN Concentrators,

Instant APs, and Aruba Switches.

Supported SD-Branch Components

The Aruba SD-WAN Gateway portfolio includes Aruba Gateways that function as Branch Gateways and

VPNConcentrators.

The following table lists the Aruba Gateway platforms and ArubaOS software versions that function as

Branch Gateways:

Platform Minimum Supported

Software Version

Latest Software

Version

Recommended

Software Version

Aruba 9004-LTE ArubaOS 8.5.0.0-2.1.0.0 ArubaOS 8.6.0.4-

2.2.0.0

ArubaOS 8.5.0.0-2.1.0.0

Aruba 9012 ArubaOS 8.5.0.0-2.0.0.0 ArubaOS 8.6.0.4-

2.2.0.0

ArubaOS 8.5.0.0-2.0.0.4

Table 3: Supported Aruba Gateways

Aruba SD-WAN Solution | User Guide 13

Platform Minimum Supported

Software Version

Latest Software

Version

Recommended

Software Version

Aruba 9004 ArubaOS 8.5.0.0-1.0.7.0 ArubaOS 8.6.0.4-

2.2.0.0

ArubaOS 8.5.0.0-2.0.0.4

Aruba7210, 7220,

and 7240XM

ArubaOS 8.5.0.0-2.0.0.0 ArubaOS 8.6.0.4-

2.2.0.0

ArubaOS 8.5.0.0-2.0.0.4

Aruba7030 ArubaOS 8.1.0.0-1.0.4.0 ArubaOS 8.6.0.4-

2.2.0.0

ArubaOS 8.4.0.0-2.0.0.4

Aruba7024 ArubaOS 8.1.0.0-1.0.4.0 ArubaOS 8.6.0.4-

2.2.0.0

ArubaOS 8.4.0.0-2.0.0.4

Aruba7010 ArubaOS 8.1.0.0-1.0.4.0 ArubaOS 8.6.0.4-

2.2.0.0

ArubaOS 8.4.0.0-2.0.0.4

Aruba7008 ArubaOS 8.1.0.0-1.0.4.0 ArubaOS 8.6.0.4-

2.2.0.0

ArubaOS 8.4.0.0-2.0.0.4

Aruba7005 ArubaOS 8.1.0.0-1.0.4.0 ArubaOS 8.6.0.4-

2.2.0.0 ArubaOS 8.4.0.0-2.0.0.4

The following table lists the Aruba Gateway platforms and ArubaOS software versions that function as VPN

Concentrators:

Platform Minimum Supported

Software Version

Latest Software

Version

Recommended Software

Version

Aruba7280 ArubaOS 8.4.0.0-1.0.6.0 ArubaOS 8.6.0.4-

2.2.0.0

ArubaOS 8.4.0.0-2.0.0.4

Aruba7240XM ArubaOS 8.1.0.0-1.0.4.0 ArubaOS 8.6.0.4-

2.2.0.0

ArubaOS 8.4.0.0-2.0.0.4

Aruba7220 ArubaOS 8.1.0.0-1.0.4.0 ArubaOS 8.6.0.4-

2.2.0.0

ArubaOS 8.4.0.0-2.0.0.4

Aruba7210 ArubaOS 8.1.0.0-1.0.4.0 ArubaOS 8.6.0.4-

2.2.0.0

ArubaOS 8.4.0.0-2.0.0.4

vGW-4G ArubaOS 8.4.0.0-1.0.6.0 ArubaOS 8.6.0.4-

2.2.0.0

ArubaOS 8.4.0.0-2.0.0.4

vGW-2G ArubaOS 8.4.0.0-1.0.6.0 ArubaOS 8.6.0.4-

2.2.0.0

ArubaOS 8.4.0.0-2.0.0.4

vGW-500M ArubaOS 8.4.0.0-1.0.6.0 ArubaOS 8.6.0.4-

2.2.0.0

ArubaOS 8.4.0.0-2.0.0.4

Aruba 7030 ArubaOS 8.1.0.0-1.0.4.0 ArubaOS 8.6.0.4-

2.2.0.0

ArubaOS 8.4.0.0-2.0.0.4

Table 4: Supported Aruba VPN Concentrators

Aruba SD-Branch Solution | 14

Platform Minimum Supported

Software Version

Latest Software

Version

Recommended Software

Version

Aruba 7024 ArubaOS 8.1.0.0-1.0.4.0 ArubaOS 8.6.0.4-

2.2.0.0

ArubaOS 8.4.0.0-2.0.0.4

Aruba 7010 ArubaOS 8.1.0.0-1.0.4.0 ArubaOS 8.6.0.4-

2.2.0.0

ArubaOS 8.4.0.0-2.0.0.4

Table 4: Supported Aruba VPN Concentrators

Aruba Virtual Gateways also function as VPNConcentrators. The minimum supported software version

for Virtual Gateways is ArubaOS 8.1.0.0-1.0.4.1.

Data sheets and technical specifications for the supported Gateways are available at:

https://www.arubanetworks.com/products/networking/gateways-and-controllers/

The following table lists the hardware platforms and ArubaOS software versions for Aruba Switches and

Instant APs that can be deployed in the branch:

SD Branch Component Hardware Platforms Minimum Software

Version

Aruba Switches Aruba 3810 Switch Series KB.16.05.0007 or later

Aruba 5400R Switch

Series

KB.16.05.0007 or later

Aruba 2920 Switch Series WB.16.05.0007 or later

Aruba 2930F Switch

Series

WC.16.05.0007 or later

Instant APs Aruba310 Series and 300

SeriesInstant APs

ArubaInstant 6.5.3.x

ArubaInstant 8.3.0.0 or

later

Table 5: SD Branch Site Devices

Chapter 3

Getting Started

To start using the SD-WAN solution, ensure that you have a valid Aruba Central subscription and licenses for

the SD-Branch devices.

nIf you are an existing Aruba Central customer with a valid subscription key and device licenses, access the

Aruba Central UI and complete the provisioning tasks.

nIf you are an existing Aruba customer with valid device licenses, but not an Aruba Central customer, sign up

for Aruba Central. After a successful registration, Aruba sends a verification e-mail with a link to the Aruba

Central portal. For more information, see Aruba Central Help Center.

Aruba Central offers a 90 day evaluation subscription for customers who want to try the Aruba cloud

solution for managing their networks. When you sign up for Aruba Central, an evaluation subscription

is automatically assigned, unless you purchased a subscription. To purchase subscriptions, contact the

Aruba support team.

Gateway Provisioning Tasks

Complete the following provisioning tasks to bring up your devices in the Aruba Central management

interface:

nOnboard Devices

nAssign Subscriptions

nAssign Devices to Sites

nAssign Labels

nAssign Groups

nAssigning a Group Role or Persona

nProvision Gateways

nOpen Firewall Ports for Device Communication

Onboarding Devices to Aruba Central

If you are a registered Aruba Central portal user, Aruba Central automatically retrieves the devices associated

with your account and adds it to the device inventory. To verify, if the devices are added to Aruba Central's

device inventory, navigate to Global Settings >Device Inventory in the Aruba Central UI.

The users with the evaluation subscription may have to add the devices manually using their Aruba

Activate credentials.

nIf the devices are listed in the inventory, proceed to assign devices to groups, labels, and sites.

nIf the devices do not show up in the inventory, click Sync Now to synchronize the inventory with the

Activate database.

nIf the devices do not show up in the inventory even after the sync operation, manually add these devices.

Aruba SD-WAN Solution | User Guide 15

Getting Started | 16

Manually Adding Devices to Inventory

To manually add the devices, on the Device Inventory page, click one of the device addition options

described in the following table:

Device Addition

Method Description

Add by MAC

Address/Serial Number

Allows you to add devices based on MAC address and serial numbers. You can

add up to 32 devices.

Add with Cloud Activation

Key

Allows you to add multiple devices from a single purchase order by using the

cloud activation key. To add devices:

1. Enter the Cloud Activation Key and MAC address of the device.

2. Click Add. Aruba Central retrieves all devices that belong to the same

purchase order and displays the list.

Add Using Activate Allows you to retrieve the devices associated with an Activate user account.

To add devices:

1. Enter the username and password of the Activate user account.

2. Click Add. The devices associated with the Activate account are retrieved

and added to the list of devices displayed on the Device Inventory page.

NOTE: You can use this option only once. After the devices are added, Aruba

Central does not allow you to modify or re-import the devices using your Aruba

Activate credentials.

Table 6: Adding Devices

Assigning Subscriptions to Aruba Gateways

For Aruba gateways to start functioning, you must onboard them to the device inventory in Aruba Central

and ensure that a valid subscription is assigned to each gateway. A valid subscription allows the gateway to

be managed by Aruba Central.

This section includes the following topics:

nGateway Subscriptions

nGateway Subscriptions with Security License

nVirtual Gateway Subscriptions

Gateway Subscriptions

Aruba Central supports the following types of subscriptions for gateways:

nDM Assigned—Displays whether the device management subscription has been assigned.

nUnassigned—Select gateway(s) and select Unassigned from the drop-down list to unassign the

subscription.

nFoundation—This subscription can be assigned to these gateways:

oAruba 70xx series

oAruba 72xx series

oAruba 90xx series

Aruba SD-WAN Solution | User Guide 17

nFoundation-Base—This subscription can be assigned to Aruba70xx series and Aruba 90xx series

Gateways. Gateway devices with the Foundation-Base capacity subscription can support up to 75 client

devices per branch.

When the client capacity reaches the threshold:

oAruba Central triggers the Gateway base license capacity limit exceeded alert.

oIf the notification options for the Gateway base license capacity limit exceeded alert is configured,

Aruba Central sends an email notification with a list of Aruba gateways that exceed the client capacity

threshold. You can also configure alerts to trigger an incident using Webhook. .

nAdvanced—This subscription is available for all Aruba gateways. It allows users to use advanced features

and services such as SaaS Express. This subscription can be assigned to these gateways:

oAruba 70xx series

oAruba 72xx series

oAruba 90xx series

Gateway Subscriptions with Security License

The following gateway subscriptions are packaged along with security license that includes the Intrusion

Detection and Prevention System (IDPS) feature. These subscriptions can be assigned to Aruba IDPS

supported gateways:

nFoundation with Security—All features of a Foundation subscription along with security license.

nFoundation-Base with Security—All features of a Foundation-Base capacity subscription along with

security license.

nAdvanced with Security—All features of an Advanced subscription along with security license.

You can evaluate Aruba IDPS with Advanced with Security subscription for a period of 90 days.

Assigning Subscriptions to Gateways

To assign subscription to a gateway, complete the following steps:

1. In the Account Home page, under Global Settings, click Subscription Assignment.

The Subscription Management page is displayed.

2. Under Gateway Subscriptions, select the device to which you want to assign a subscription.

3. Expand the drop-down in the Assignment column for the selected device.

4. Select the subscription; for example, Foundation.

5. To assign subscription to multiple devices:

a. Select the devices in the table.

b. Click Batch Assignment.

c. Select the subscription to assign.

When a subscription assigned to a gateway expires, Aruba Central automatically assigns a valid subscription

from the same subscription category.

Getting Started | 18

When you assign a subscription with security license, the gateways reboot to enable the traffic

inspection engine for the first time. It is recommended that you apply the security license after

business hours, as this might result in a downtime in the network.

When assigning subscriptions, if you change a subscription with security license to a subscription

without a security license, you must reboot the gateway manually to release the CPU resources that

were assigned to the traffic inspection engine. It is recommended to reboot the gateway after

business hours, as this might result in a down time in the network.

Virtual Gateway Subscriptions

Aruba Virtual Gateway is a virtual instance of headend gateway for SD-WAN. Aruba Central supports

licenses based on the bandwidth capacity for virtual gateways. All license assignments are undertaken by

the virtual gateway orchestration app.

Aruba Central supports VGW licenses that cater to a variety of requirements. The options include one, three,

and five year periods and the bandwidth options are 500 Mbps, 2 Gbps, and 4 Gbps capacity licenses.

The base SKUs available are: VGW-500M, VGW-2G, and VGW-4G. The availability of SKUs is also dependent

on the installation consuming the license.

The account maintains a pool of VGW licenses, upon license expiry or if the license pool has no licenses left

(all consumed) the license is unassigned from the account. When deployed without valid or paid licenses,

four evaluation (90 day) licenses of each base SKU is allocated to every customer account.

License consumption can be tracked in the Key Management or Subscription Assignment pages.

The list of licenses available against consumed licenses are also displayed during the deployment of a virtual

gateway.

When the client capacity reaches the threshold:

nAruba Central triggers the Gateway base license capacity limit exceeded alert.

nIf the notification options for the Gateway base license capacity limit exceeded alert is configured,

Aruba Central sends an email notification with a list Aruba virtual gateways that exceed the client capacity

threshold. You can also configure alerts to trigger an incident using Webhook. .

For Paid licenses email notifications are sent out in 30 day intervals starting at 90th day before

expiration and the last notification a day before the expiry of the license.

For Evaluation licenses email notifications are sent out on the 30th day before expiration and a day

before the expiry of the license.

Assigning Subscriptions to Virtual Gateways

1. Under Virtual Gateway, select the device to which you want to assign a subscription.

2. Expand the drop-down in the Assignment column for the selected device.

3. Select the subscription SKU. For example, VGW-500MB.

4. To assign subscription to multiple devices:

Aruba Central automatically assigns a valid subscription to a virtual gateway. When a subscription

expires, Aruba Central automatically assigns a valid subscription from the same subscription

category.

For more information on available SKUs, contact yourArubaSalesSpecialist.

Aruba SD-WAN Solution | User Guide 19

Assigning Gateways to a Group

A group in Aruba Central is a primary configuration element that acts like a container. In other words, groups

are a subset of one or several devices that share common configuration settings. Aruba Central supports

assigning devices to groups for the ease of configuration and maintenance. For example, you can create a

common group for Branch Gateways that have similar configuration requirements.

Aruba Gateway Groups for SD-WAN Deployments

The device groups in Aruba Central support the following features:

nCombining Branch Gateways of identical characteristics and configuration requirements under a single

group.

nCreating groups according to your branch requirements.

oYou can create separate groups for the small, medium, and large sized branches.

oYou can also create separate groups for the branch sites in different geographical locations; for example,

East Coast and West Coast branch sites. If these groups have similar characteristics with minor

differences, you can create the first group and then clone it.

oYou can use either a single group for all the devices or deploy devices in multiple groups. For example,

you can deploy 7008controllers and Aruba 2930F Switch Series with 24 ports in a single group for every

branch.

oYou can also deploy 7005controller and Aruba 2930F Switch Series with 24 ports in one group and

provision 7008controller with Aruba 2930F Switch Series with 48 ports in another group.

nProvisioning Branch Gateways and VPN Concentrators in separate groups. As the configuration

requirements for Branch Gateways and VPNConcentrators are different, the Branch Gateways and

VPNConcentrators must be assigned to different groups.

nCombining different types of devices under a group. For example, a group can have Instant APs, switches,

and SD-WAN gateways. .

Important Points to Note

nThe groups in Aruba Central are not device-specific, so you can provision Branch Gateways, switches, and

Instant APs in a single group. However, VPNConcentrators and Branch Gateways must be assigned to

different groups.

nA device can be part of only one group at any given time.

nAfter assigning the SD-WAN gateways to groups, you must set the group persona or role as Branch

Gateway or VPN Concentrator.

To assign gateways to a group, complete the following steps:

1. In the Network Operations app, set the filter to Global.

The dashboard context for the selected filter is displayed.

2. Under Maintain, click Organization >Groups.

The Groups page is displayed. By default, the Groups page is displayed.

3. Under Manage Groups, from the devices table on the right, select the gateway that you want to

assign to a new group.

4. Drag and drop the device to the group to which you want to assign the device.

5. Click Yes in the confirmation dialog box.

Getting Started | 20

If the group is not available in the list, click New Group to create a new group, and then drag and drop

the gateways to the group that you just created.

Assigning Gateways to Sites

A site in Aruba Central refers to a physical location where a set of devices are installed; for example, campus,

branch, or a venue. You can create a branch or campus site; for example Branch A or Campus A, for a

specific geographical location and assign devices to it. You can use these sites as filters for viewing your

deployment topology, monitoring network and device health.

To assign gateways to a site, complete the following steps:

1. In the Network Operations app, set the filter to Global.

The dashboard context for the selected filter is displayed.

2. Under Maintain, click Organization >Sites and Labels.

The Sites and Labels page is displayed. By default, the Sites page is displayed.

3. Under Manage Sites, locate the site to which you want to assign a device.

You can also add a new site by clicking New Site and providing details, such as site name and

address.

4. Click Unassigned to view devices that are not assigned to any site.

5. Select one or several devices from the list of devices.

6. Drag and drop the devices to the site on the left.

7. Click Yes in the confirmation dialog box.

For more information, see Sites in Aruba Central documentation.

Assigning Labels to Gateways

In Aruba Central, labels refer to the tags attached to a device provisioned in the network. You can use labels

for tagging devices to a specific area in a physical location, to an owner or a specific branch, or a business

unit. You can use these labels as filters for monitoring branch and device health, and generating reports.

To assign a label to a gateway, complete the following steps:

1. In the Network Operations app, set the filter to Global.

The dashboard context for the selected filter is displayed.

2. Under Maintain, click Organization >Sites and Labels.

The Sites and Labels page is displayed. By default, the Sites page is displayed.

3. Use the toggle switch to access the Labels page.

4. Locate the label to which you want to assign a device. You can also create a new label by clicking

Add Label and providing a label name.

5. In the table that lists the labels, you can perform one of the following actions:

nClick All Devices to view all devices.

nClick Unassigned to view all the devices that are not assigned to any labels.

Aruba Central, Central 2.5.2 SD-WAN Solution User guide

Related papers

Other documents