- Access the local switch WebUI, navigate to Configuration > AP Installation > Campus AP Whitelist
and click Purge.
6. Now connect the new local switch to the network. It is very important that the local switch be able to
contact the master switch the first time it connects to the network, because the master switch certifies the
local switch's control plane security certificate the first time the local switch contacts its master.
7. Once the local switch has a valid control plane security certificate and configuration, the local switch receives
the campus AP whitelist from the master switch and starts certifying approved APs.
8. APs associated with the new local switch reboot and create new IPsec tunnels to their switch using the
new certificate keys.
Replacing a Master Switch with No Backup
Use the following procedure to replace a master switch that does not have a backup switch:
1. Remove the old master switch from the network.
2. Install and configure the new master switch, then connect the new master to the network. The new master
switch generates a new certificate when it first becomes active.
3. If the new master switch has a different IP address than the old master switch, change the master IP
address on the local switches to reflect the address of the new master.
4. Reboot each local switch to ensure the local switches obtain their certificate from the new master. Each local
switch begins using a new certificate signed by the master switch.
5. APs are now no longer able to securely communicate with the switch using their current key, and must
obtain a new certificate. Access the campus AP whitelist on any local switch, and change all APs in a
“certified” state to an “approved” state. The new master switch sends the approved APs new certificates.
The APs reboot and create new IPsec tunnels to their switch using the new certificate key.
If the master switch does not have any local switches, you must recreate the campus AP whitelist by turning
on automatic certificate provisioning or manually reentering the campus AP whitelist entries.
Replacing a Redundant Master Switch
The control plane security feature requires you to synchronize databases from the primary master switch to
the backup master switch at least once after the network is up and running. This ensures that all certificates,
keys, and whitelist entries are synchronized to the backup switch. Because the AP whitelist may change
periodically, you should regularly synchronize these settings to the backup switch. For details, see Configuring
Networks with a Backup Master Switch on page 72.
When you install a new backup master switch, you must add it as a lower priority switch than the existing
primary switch. After you install the backup switch on the network, synchronize the database from the existing
primary switch to the new backup switch to ensure that all certificates, keys, and whitelist entries required for
control plane security are added to the new backup switch configuration. If you want the new switch to act as
the primary switch, you can increase that switch’s priority after the settings have been synchronized.
Replacing Switches in a Multi-Master Network
Use the following procedures to replace a master or local switch in a network environment with multiple
master switches.
Replacing a Local Switch in a Multi-Master Network
The procedure to replace a local switch in a network with multiple master switches is the same as the procedure
to replace a local switch in a single-master network. To replace a local switch in a multi-master network, follow
the procedure described in Replacing a Local Switch on page 73.
AOS-W 6.5.3.x | User Guide Control Plane Security | 74