ZTP support on ArubaOS-CX

Switches running ArubaOS-CX software support standards-based Zero Touch Provisioning (ZTP) operations as follows:

  • The switch must be running the factory default configuration.

  • The switch connects to the DHCP server from the OOBM management port only.

  • ZTP operations are supported over IPv4 connections only. IPv6 connections are not supported for ZTP operations.

  • You must configure the DHCP server to provide a standards-based ZTP server solution. Options and features that are specific to Network Management Solution (NMS) tools, such as AirWave, are not supported.

    For a complete list of the supported DHCP options, see Supported DHCP options for ZTP on ArubaOS-CX.

  • The configuration file is a text file that becomes the startup and running configuration on the switch after the ZTP operation is complete. The configuration can be in CLI or in JSON format.

  • When the switch is started using the factory default configuration, the ZTP operation is started automatically and is attempted for a maximum of 10 minutes. There is no CLI command required to start the operation.

The supported DHCP standards are the following:

Supported DHCP options for ZTP on ArubaOS-CX

DHCP option



Vendor Class Identifier (VCI)


IPv4 address of the TFTP server (Specifying a host name instead of an IP address is not supported.)

43 suboption 144

Name of the configuration file

43 suboption 145

Name of the firmware image file


Name of the configuration file (Option 43 suboption 144 takes precedence over this option.)

Hewlett Packard Enterprise recommends that you implement ZTP in a secure and private environment. Any public access can compromise the security of the switch, as follows:

  • Because ZTP is enabled only on the factory default configuration of the switch, DHCP snooping is not enabled. The Rogue DHCP server must be manually managed.

  • The DHCP offer is in plain data without encryption.