Cloud Managed Networks

 View Only
Back to discussions
Expand all | Collapse all

Classic or new Central for new deployment?

This thread has been viewed 124 times

  • 1.  Classic or new Central for new deployment?

    Posted Jan 19, 2026 02:38 AM
    We received a request from one of my customers to migrate to Aruba Central, they use on-prem infrastructure, Clearpass, Mobility Conductors, Controller  and APs,    They have around 2 thousand APs and 150 controllers.
     
    I´m not sure whether to use Classic or New Central initial deployment on Central for a big deployment (pros and Cons) 
     
    Could you, based on your expertise, suggest to me the best option?


    -------------------------------------------


  • 2.  RE: Classic or new Central for new deployment?

    Posted Jan 19, 2026 02:47 AM
    Edited by HR-abaef5 Jan 19, 2026 02:48 AM

    With such a deployment, when moving to new Central configuration, you probably would convert the controllers into gateways (same hardware) and move to AOS 10 if all equipment supports that. But a migration is a great moment to evaluate your architecture and see if it still matches your requirements.

    If those 150 controllers mean many sites that are similar, the new Central configuration will probably be a great match, unless you need SD-Branch at the moment which will take a little more time to be available in new Central.

    There are great videos on this migration that are based on this Validated Solution Guide.

    This may be a great opportunity to work with your channel SE or local SE and check all possible requirements and options for improvement/modernization of your customer's deployment.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your HPE Aruba Networking partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact HPE Aruba Networking TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or HPE Aruba Networking.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 3.  RE: Classic or new Central for new deployment?

    Posted Jan 19, 2026 09:21 AM

    The customer  use Aruba SDWAN in all branches , and then they want to remove controller function  to save maintenance cost

    -------------------------------------------



  • 4.  RE: Classic or new Central for new deployment?

    Posted Jan 20, 2026 09:44 AM

    I would not waste time on old central. The hierarchy is a huge win and will allow you to easily change / override site or device level configs. I have had good success with applying configs at site collections and then doing simple overrides at the site level. Some sites may need to adjust radio settings, or change the vlan's used in named-vlans. 

    I also found it was a pain migrating from campus (centralized) AP's on user data vlan's to trunk ports on the switch stacks. This often required moving patch cables to organize the AP's and then creating interface-ranges (if supported). There was more room for error then the traditional GRE tunnel to WLAN gateway (controller). Sites with more AP's I should have considered wlan gateways to make this easier. 

    Overall I had an uptick of WLAN complaints from users when migrating from controller AP's to old central. I have a fairly modified client-match config in our 8.x design. I have since disabled 2.4 ghz on newer configs to reduce some env issues. I struggled getting data from ops. Troubleshooting RF is a bit more involved. Still looking to fine tune some environmental issues. The probe request threshold was the next thought for tweaking. 

    I am still looking for options on bandwidth throttles for guest users. From what I can find in API documentation. Its supported on wlan gateways vs campus AP's. 

    The external facing API's are much more efficient due to the changes in rate limiting. Instead of a daily cap its number of api calls per second. We were heavily restricted on fetching data on old central to injest in monitoring. 

    Overall I have been satisfied with new central vs legacy, and just waiting for orchestration to be supported so I can move microbranch, vpnc's, and sd-branch. 

    -------------------------------------------

    Original Message


  • 5.  RE: Classic or new Central for new deployment?

    Posted Feb 02, 2026 11:01 AM

    Classic will be going away, so I'd recommend biting the bullet and going with the New.

    Having said that, the New Central is a nightmare.  It is far from intuitive and I have no idea why they revamped it in the first place.  Example, in the Classic, there was a one button toggle to "Deny Intra VLAN traffic" for an SSID so you could easily segment your Wi-Fi users to access internet only and not be able to reach anything on the LAN other than DHCP and DNS.

    Now you have to create role-based policies, and the process is not intuitive.  And even when I worked with HP to get it ironed out, it ended up not working as expected which needed another rule to allow DNS.

    Another example is I went to reboot all access points in New Central, and while it said they rebooted, they never did.  

    New Central is a HUGE step backwards for usability.  I have no doubt once I finally get it set and I can forget it, it will be fine.  But I don't know what possessed them to take a perfectly great portal setup and complicate it so much.

    -------------------------------------------



  • 6.  RE: Classic or new Central for new deployment?

    Posted Feb 07, 2026 07:29 AM

    Ideally New central, but it really is far from mature yet. I have been attempting to migrate a few of my customers and I have had the worst time of my life with 10+ tickets taking weeks, features not supported in New Central and having to roll several parts back to classic because it cannot be done on New Central.
    It has a LOT of issues with corrupted object data rendering reporting useless (not updating) or devices keeping wrong settings perpetually.

    It's not mature yet in my opinion.

    -------------------------------------------



  • 7.  RE: Classic or new Central for new deployment?

    Posted Apr 29, 2026 04:44 PM

    It has many more issue than just that.  What use to take 30 seconds to configure now takes all day. And even when I get HPE on the phone, not even they can figure it out right away. I don't want a platform where I waste hours of my time with what use to take me 30 seconds.  If they don't scrap these rule-based policies in favor of the simplicity of the way it was done in Classic, I'll be throwing all my Aruba APs in the dumpster and switching to Ubiquiti.

    -------------------------------------------

    Original Message


  • 8.  RE: Classic or new Central for new deployment?

    Posted Apr 29, 2026 06:20 PM

    Actually the new rule based policies are 100% what was needed. It may not seem straight forward at first and it is a bit confusing.  They work very similar to a top down approach on a firewall. A few of us posted to another link, you may find some use there. If you wish to pm me I am more then happy to explain my take on everything. 

    When I had to manage 5-8 products with 20 roles and many acl's. Now its a simple update for an acl to be tagged to many roles and what would take hours now takes seconds. Its so easy to scale to other products instead of re-creating the wheel over and over. I have included the link below that may be helpful with some hints. You are welcome to PM me if you need a better understanding. 

    https://airheads.hpe.com/discussion/new-central-client-assigned-roles

    As I am still waiting for features to be added back. Its still a green product and orchestration/topology is not even in production yet. With a little bit of time on the product.. I find its so much easier to get data from CNX not only from the web although the API's as well. Any major project change and overhaul will create new challenges. It all takes time. 

    Justin
    ACMX #598, ACCX #638

    -------------------------------------------

    Original Message


  • 9.  RE: Classic or new Central for new deployment?

    Posted Apr 30, 2026 08:37 AM

    I disagree about the need for role-based policies, especially when I have to call HPE every time I need to make a change, and even they take up hours of my time trying to figure it out themselves, on something that took me 30 seconds to accomplish with Classic.

    There was nothing wrong with Classic and this new Central is a muddled mess.  I don't have the time it takes for this convoluted interface.  If they insist on keeping it, or at least make it to where their own techs can navigate it in a timely manner as well, I'm jumping ship.


    Original Message


  • 10.  RE: Classic or new Central for new deployment?

    Posted Apr 30, 2026 09:01 AM

    There are options other then TAC. You can contact your SE or local VAR's for assistance. 

    If you would like to learn about roles and policies. I am happy to assist. The others on the forum are actually asking for real feedback and assistance. I am more then happy to provide some tips or assistance to anyone that is willing to put in some effort. 

    -------------------------------------------

    Original Message


  • 11.  RE: Classic or new Central for new deployment?

    Posted Apr 30, 2026 09:05 AM

    I understand the role-based policies.  The problem is it still is jumping through 10 hoops instead of 1.  "willing to put in some effort".  Too much effort. I don't have that kind of time. Even the techs have to set up web conferences with have to fiddle with it too long.  I went with Aruba because of it's no-nonsense interface and ease of configuration.  That's gone now.


    Original Message


Related Content