Reference Guide

ManualsBrandsDell ManualsTVs & monitorsW-620

191

192

193

194

195

196

197

198

199

200

192 | cluster-member-ip Dell PowerConnect W-Series ArubaOS 6.2 | Reference Guide

cluster-member-ip

cluster-member-ip <ip-address>

ipsec <key>

Description

This command sets the controller as a control plane security cluster root, and specifies the IPsec key for a cluster

member.

Syntax

Parameter Description

<ip-address>

Switch IP address of a control plane security cluster member. You can also use the IP

address 0.0.0.0 to set a single IPsec key for all cluster members.

ipsec <key>

Configure the value of the IPsec key for secure communication between the cluster root and

the specified cluster member. The key must be between 6-64 characters.

Usage Guidelines

If your network includes multiple master controllers each with their own hierarchy of APs and local controllers, you

can allow APs from one hierarchy to failover to any other hierarchy by defining a cluster of master controllers. Each

cluster will have one master controller as its cluster root, and all other master controllers as cluster members.

The master controller operating as the cluster root will use the control plane security feature to create a self-signed

certificate, then certify it’s own local controllers and APs. Next, the cluster root will send the certificate to each

cluster member, which in turn certifies their own local controllers and APs. Since all controllers and APs in the

cluster get their certificates from the cluster root, they will all have the same trust anchor, and the APs can switch to

any other controller in the cluster and still remain connected to the secure network.

Issue the cluster-member-ip command on the controller you want to define as the cluster root to set the IPsec key

for secure communication between the cluster root and each cluster member. Use the IP address 0.0.0.0 in this

command to set a single IPsec key for all member controllers, or repeat this command as desired to define a different

IPsec key for each cluster member.

Once the cluster root has defined an IPsec key for all cluster members, you must access each of the member

controllers and issue the command cluster-root-ip to define the IPsec key for communication to the cluster root.

Example

The following command sets the controller on which you issue command as a root controller, and adds the

controller172.21.18.18 as a cluster member with the IPsec key ipseckey1:

(host) (config) #cluster-member-ip 172.21.18.18 ipsec ipseckey1

Related Commands

Parameter Description Mode

control-plane-security

Configure the control plane security profile. Config mode