An Aruba AP running ArubaOS has provisioning parameters that can be configured manually through a console connection.
These parameters tell the AP where to terminate its GRE tunnel, or where to get the AP image from.
You will need a console cable and physical access to the AP. Follow these steps:
- connect to the serial port on the AP
- establish a session to the AP
- power-cycle/reboot the AP
- break the boot by pressing
Enterwhen the session displays the message
"Hit" <Enter> to stop autoboot.
For AP image configuration, we care about the following commands:
|IP destination for the AP’s GRE tunnel
|TFTP server where AP can get an image from
|tell the AP where to boot from
bootcmd environment variable is important when using this method and is not mentioned in the tech docs.
By default the
bootcmd environment variable is set to
boot ap. This means it will boot using it’s local image.
To get the AP to boot from a TFTP server, you need to change the
tftpboot. Otherwise, it will never reach out to the TFTP server. I lost several hours of my time to this.
setenv master <controller>
setenv serverip <tftp>
setenv bootcmd <boot ap|tftpboot>
setenv master 10.0.0.9
setenv serverip 10.0.1.5
setenv bootcmd tftpboot
How do we verify the version? Either telnet into the AP, or log into the AP from the console session.
- If there is a password, type it in and press enter.
- You should be looking at a prompt like this:
- Press the following keys in the order listed
ESC + CTRL + K
- You should see
~ # Switching to Full Accessprint to the screen
Note that everytime the AP boots it will reach out to the TFTP server for it’s image.
Thanks to Ryan Stewart for reading drafts of this.
- this was tested with 184.108.40.206 and 220.127.116.11 ArubaOS code on an AP-325
- AP boot commands
printenvto show the current environment variables
osinfoto show the loaded ArubaOS image version ` run
saveto save your changes
bootto boot the AP once you’re done making changes
- console password is defined in the ap system-profile. to check it, on controller run
encrypt disableand then check ap system-profile
show ap system-profile <profile>
- 09/30/2019 - original post
- 10/01/2019 - clarification