Templates in Aruba Central refer to a set of configuration commands that can be used by the administrators for provisioning devices in a group. Configuration templates enable administrators to apply a set of configuration parameters simultaneously to multiple switches in a group and thus automate switch deployments.

But back to your question if admin-edge is the same as or includes bpdu-filter: admin-edge sets the port to forwarding. Bpdu-filter stops the port from sending BPDUs over this port. Bpdu-protection shuts down the port in the moment a BPDU is received on this port. The port needs to be manually activated again. Specifies the port type as administrative edge. During spanning tree establishment, ports with admin-edge enabled transition immediately to the forwarding state. Specifies the port type as administrative network. When this option is selected, the port looks for BPDUs for the first 3 seconds. If there are none, the port is classified as an edge port and immediately starts forwarding packets. The rule should be the same as I said with RDP but instead of 3389 it is 443. Since you have Dynamic DNS for your Business you will need to check with your ISP provider if they allow port 443. You might want to translate port 444 to the port 443 on your server. You can do the following. Add Destination NAT Rule on the NAT Tab. Using admin-edge-port and bdpu-filter. On an aruba switch I've 4 ESXi switches connected to A3-A6. According to this vmware article the admin-edge-port should be applied to these ports. Now I'm using the following command: spanning-tree A3-A6 admin-edge-port. PortFast is usually configured on an edge port, which means the port should not receive any STP BPDUs. If the port receives any STP BPDU, it moves back to normal/regular mode and will participate in the listening and learning states. In most deployments, edge ports are access ports.

Creating a Group for Template-Based Configuration

For template-based provisioning, switches must be assigned to a group with template-based configuration method enabled.

For more information, see Managing Groups and Assigning Devices to Groups.

Creating a Configuration Template

To create a configuration template for switches:

1. In the Network Operations app, use the filter to select a template group.

2. Under Manage, click Devices > Switches.

3. Click the configuration icon to display the switch configuration dashboard.

4. Click Templates. The Templates page is displayed.

5. Click + to add a new template. The Add Template window is displayed.

6. Enter a name for the template in the Template Name field.

7. Ensure that Aruba Switch is selected in the Device drop-down.

8. Select the switch model and software version. You can specify any of the following combinations:

ALL for both Model and Version—To apply the template to all switch models and all supported switch software versions.

ALL for Model and a specific software version for Version—To apply the template to all switch models running the specified software version.

ALL for Version and a specific switch model for Model—To apply the template to a specific switch model and all software versions supported by the selected switch model.

A specific switch model and a software version—To apply the template to a specific switch model and the software version. The template created for a specific switch model and a firmware version takes precedence over the template that is created for all platforms and versions.

9. Select the manufacturing part number of the switch in the Part Number drop-down.

10. Build a new template or import configuration information from a switch that is already provisioned in the template group.

To build a new template, add the switch command information in the Template text box. Ensure that the template text adheres to the guidelines listed in the Important Points to Note.

To import configuration text from a switch that is already provisioned in the template group:

a. Select the switch from which you want to import the configuration.

b. Click Import Template. The imported configuration is displayed in the Template text box.

c. If required, modify the configuration parameters. Ensure that the template text adheres to the guidelines listed in the Important Points to Note.

11. Click Save. After you apply the configuration template, switches reboot and reconnect to Aruba Central with the new configuration.

Important Points to Note

Note the following points when adding configuration text to a template:

The CLI syntax in the switch template must be accurate. Aruba recommends that you validate the configuration syntax on the switch before adding it to the template text.

Ensure that the command text indentation matches the indentation in the running configuration.

The commands in the template are case-sensitive.

The following example illustrates the case discrepancies that the users must avoid in the template text:

trunk E1-E4 trk1 trunk

interface Trk1

dhcp-snooping trust

exit

trunk E1-E4 trk1 trunk

switch-interconnect trk1

trunk E5-E6 trk2 trunk

vlan 5

name 'VLAN5'

untagged Trk2

tagged Trk1

isolate-list Trk1

ip igmp forcedfastleave Trk1

ip igmp blocked Trk1

ip igmp forward Trk1

forbid Trk1

loop-protect Trk2

trunk E1-E4 trk1 trunk

trunk E4-E5 trk2 trunk

spanning-tree Trk1 priority 4

spanning-tree Trk2 admin-edge-port

trunk A2-A4 trk1 trunk

igmp fastlearn Trk1

trunk E4-E5 trk2 trunk

ip source-binding 2 4.5.6.7 b05ada-96a4a0 Trk2

[no] ip source-binding trap OutOfResources

snmp-server mib hpSwitchAuthMIB ..

snmp-server mib hpicfMACsec unsecured-access ..

[no] lldp config <P-PORT-LIST> dot1TlvEnable ..

[no] lldp config <P-PORT-LIST> medTlvEnable ..

no lldp config <P-PORT-LIST> medPortLocation..

[no] lldp config <P-PORT-LIST> dot3TlvEnable ..

[no] lldp config <P-PORT-LIST> basicTlvEnable ..

[no] lldp config <P-PORT-LIST> ipAddrEnable <lldp-ip>

trunk-load-balance L4-based

trunk-load-balance L3-based

Best Practices

Aruba recommends you to follow the below steps to use configuration templates in managing switches:

1. Configure the switch.

2. Add the switch to Aruba Central.

3. Create the template, You can use Import template option to import an existing template created for switches.

4. Modify the template based on the user requirement. For example, addition or removal of variables.

5. Save the edited template.

Great! Thanks for the feedback

Sorry about that! How can we improve it?Please send your comments and suggestions!

Templates in Aruba Central refer to a set of configuration commands that can be used by the administrators for provisioning devices in a group. Configuration templates enable administrators to apply a set of configuration parameters simultaneously to multiple switches in a group and thus automate switch deployments

To minimize configuration errors and troubleshoot device-specific configuration issues, Aruba recommends that the device administrators familiarize themselves with the CLI configuration commands available on Aruba CX switches.

Creating a Group for Template-Based Configuration

For template-based provisioning, switches must be assigned to a group with template-based configuration method enabled.

For more information, see Managing Groups and Assigning Devices to Groups.

Aruba CX switches can only be configured using configuration templates.
You cannot move a Aruba CX switch from a template group to a UI group in Aruba Central. If attempted, a warning is displayed that the Aruba CX switch cannot be moved to a UI group, because UI group is not supported on Aruba CX switches.
When you onboard a factory default Aruba CX switch, the switch is listed under Unassigned Devices in the Organization > Groups page, because UI group is not supported on Aruba CX switches.
When you pre-provision a Aruba CX switch, the switch is listed under Unassigned Devices in the Organization > Groups page, because UI group is not available for Aruba CX switches.
For Aruba CX switches, the Import Configuration to New Group feature is not supported.

Creating a Configuration Template

To create a configuration template for switches:

1. In the Network Operations app, set the filter to a template group.

   The dashboard context for the group is displayed.

2. Under Manage, click Devices > Switches.
3. Click the Config icon.

   The tabs to configure switches using templates is displayed.

4. Click the Templates tab. The Templates page is displayed.
5. Click + to add a new template. The Add Template window is displayed.
6. In the Basic Info tab, enter a name for the template in the Template Name field.
7. In the Device Type drop-down, select Aruba CX.
8. Select the switch model and software version. You can specify any of the following combinations:
   • ALL for both Model and Version—To apply the template to all switch models and all supported switch software versions.
   • ALL for Model and a software version for Version—To apply the template to all switch models running the selected software version.
   • ALL for Version and a switch model for Model—To apply the template to a switch model and all software versions supported by the selected switch model.
   • A switch model and a software version—To apply the template to a specific switch model and the software version. The template created for a switch model and a software version takes precedence over the template that is created for all platforms and versions.
9. Select the manufacturing part number of the switch in the Part Number drop-down.

   The Part Number drop-down is displayed only if you select a switch model in the Model drop-down.
   If you select a specific switch model and part number, you can apply the template to a standalone switch and not to a stack.
   If you select All in the Model drop-down, or if you select a switch model and All in the Part Number drop-down, you can apply a template to both a standalone switch and stack.

10. Click Next. The Template tab is displayed.
11. Build a new template by adding the output of the show running-config from the switch CLI in the Template text box. Ensure that the template text adheres to the guidelines listed in the Important Points to Note.

    You must manually create the template for the Aruba CX switch in a group, along with the password in plaintext format. You can use the output of the show running-config command to create the template. You can also add variables to use the same template for onboarding multiple Aruba CX switches. For more information on variables, see Managing Variable Files.
    All switch templates must include a password command to set a password for the device. The template cannot be saved without adding a password command. If the configuration that is pushed from Aruba Central to the device does not contain a password command, the configuration push is aborted for the device and a log is added to the audit trail. For example, if you add the password command in a condition block and the condition evaluates to false, the configuration that is pushed will not contain the password command. For more information, see Managing Password in Configuration Templates.
    For Aruba CX switches, you must configure the password only in plaintext. Also, the format of password must be user admin group administrators password plaintext <string>.

12. Click Save. After you apply the configuration template, switches reboot and reconnect to Aruba Central with the new configuration

Aruba Admin-edge-port

Important Points to Note

Note the following points when adding configuration text to a template:

• The CLI syntax in the switch template must be accurate. Aruba recommends that you validate the configuration syntax on the switch before adding it to the template text.
• Ensure that the command text indentation matches the indentation in the running configuration.
• The commands in the template are case-sensitive.

The following example illustrates the case discrepancies that the users must avoid in the template text:

Aruba Switch Admin-edge-port

Admin Edge Port Aruba

Aruba Admin Edge Port St Lucie

Aruba Admin Edge Port Canaveral