Community How To

 View Only

[LOCAL MANAGEMENT] Aruba 1930 - change management vlan

  • 1.  [LOCAL MANAGEMENT] Aruba 1930 - change management vlan

    Posted 29 days ago

    Hello,

    What is a proper way to change management vlan? I checked the documentation and I was almost sure that my approach is correct.
    What I plan to do:
     > Have separate VLANS and restrict access to Aruba Instant On only to VLAN 15(new Management VLAN) - firewall will block unwanted traffic and switch will have admin console disabled for ports.

    What I did:
    1) I setup VLANs on pfSense connected it to Aruba. I was able to assign devices their specific vlans - I tested if device is receving correct IP from VLANs 1, 15 and some others so DHCP is working. I tested it it by having some ports untagged with different VLAN's.
    2) I setup two trunk ports 23 and 24 to have all vlans included and tagged except VLAN 1(default management port) and VLAN 15(new management port). Those two VLANS I left untagged on those ports in case I would have to switch a port to get IP from VLAN 15.
    3) I checked if I have DHCP enabled in Network Setup > Get Connected, and I changed Management VLAN to 15, I accepted that I might lose access to if VLANs are not configured properly.

    And then I lost connection with GUI - all the communication between devices was still working, I had access to the internet, so I thought ok I need to change port from untagged VLAN 1 to untagged VLAN 15 to get new ip.
    But everything died the moment I did that. All the ports started blinking in sync like the same action was taking place on all ports, I lost internet connection and I could not ping anything from any host. But when I switched back to port having Untagget VLAN 1 everything started working again except the GUI.
    So I thought that I need to reboot the switch so changes can be updated, but management VLAN was restored to VLAN 1 and now I am confused.

    Checking the logs I can only see that Aruba did not get any DHCP lease after the change. 

    Is there something that I might be missing?



    ------------------------------
    Sylwester Wróblewski
    ------------------------------