wiki.ohea.xyz/wiki
11
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Updated Aruba S2500.md (markdown)

Browse Source
This commit is contained in:
restitux
2023-01-25 03:25:25 +00:00
parent f37c48cef0
commit 020dc37904
1 changed files with 214 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files
networking/Aruba S2500.md
+214 -43
View File
@@ -1,4 +1,4 @@
## Reset the Switch to Factory Defaults
## Resetting the Switch to Factory Defaults
The switch can be reset through the on screen display's menu. This can be
controlled using the two available buttons, ``menu`` and ``enter``.
@@ -11,6 +11,29 @@ To factory reset the switch, do the following:
4. Press the ``menu`` button until ``Factory Default`` is selected.
5. Press the ``enter`` button once to select, and a second time to confirm.
## Connecting to the Switch
### Console
The Aruba S2500 has a micro USB port on the back which exposes a serial
interface that can be used to manage the switch.
To connec to the serial interface you will need a computer, a micro USB cable,
and a serial application (here we are using `screen`).
1. Connect the USB serial port on the back of the switch to your computer
2. Connect to the serial port with screen
- `sudo screen /dev/ttyUSB0 9600` (replace `ttyUSB0` with the device node
your system assigns to the switch)
3. Login with the default username and password
- username: `password`
- password: `forgetme!`
You should now be dropped to a shell that looks like the below
```
(ArubaS2500-48P-US) >
```
## Setting the Switch's Account Passwords
Relevant forum thread [here](https://community.arubanetworks.com/community-home/digestviewer/viewthread?MID=9356).
@@ -70,6 +93,11 @@ as of Jan 24, 2023 is as follows.
`ArubaOS_MAS_7.4.1.9_62608`: `613abae502736c7c7ac2a0548edf506280d2afb8d2762db784ffa68f5cd6c52c`
### Copy the Firmware to a USB Drive
You will need to format a USB drive as FAT32. You can put the firmware binary
anywhere on the filesystem. I would suggest putting it at the root as this is
easiest to type into the switch's console.
### Install the Firmware
From the switch's console, login and escalate your privledges.
```
@@ -93,49 +121,7 @@ Do you really want to restart the system(y/n): y
System will now restart!
```
### Connecting to the Switch
#### Console
The Aruba S2500 has a micro USB port on the back which exposes a serial
interface that can be used to manage the switch.
To connec to the serial interface you will need a computer, a micro USB cable,
and a serial application (here we are using `screen`).
1. Connect the USB serial port on the back of the switch to your computer
2. Connect to the serial port with screen
- `sudo screen /dev/ttyUSB0 9600` (replace `ttyUSB0` with the device node
your system assigns to the switch)
3. Login with the default username and password
- username: `password`
- password: `forgetme!`
You should now be dropped to a shell that looks like the below
```
(ArubaS2500-48P-US) >
```
### Ethernet (broken)
The Aruba S2500 provides a Web UI that can be used to configure the switch.
The WebUI forces HTTPS by default and the ciphers supported are not permitted by
most modern browsers. You can enabled outdated ciphers in your browser which
will enable you to sucessfully connect, but the WebUI may still fail to display.
To connect to the WebUI
1. TODO: enable the Quick Setup WebUI via the front panel menu
2. Connect an ethernet cable between your device and one of the 1GbE port on
the front of the switch
3. On your machine, assign the interface a static IP with the follow configuration
- IP: `172.16.0.2`
- Subnet Mask: `255.255.255.0` or `/24`
- Gateway: `172.16.0.1`
4. Connect to `http://172.16.0.254` in your browser.
You should now have access to the WebUI.
## Running through Quick Setup
@@ -155,3 +141,188 @@ Autoconfiguration of system will be stopped, if Quick-setup is launched by user
Invoke Quick-setup (y|n)??? [y]:y
```
## Tips for Navigating the Console
### Hotkeys
In the switch's console interface, there are some hotkeys that you should be
aware of.
`?`: Pressing the question mark key at any time displays all the possible
options you could complete your command with. This takes into account the
characters you already have types. You can use it both to list commands
and their subcommands or parameters. You can also use the question mark to
list the set of valid configuration parameters you can set in the current
configuration context.
`TAB`: Pressing the tab key will auto complete the current command if it is not
ambiguous. If it is, nothing will happen.
`!`: You can enter an exclamation mark character to back out of the current
configuration block. This is quicker than typing `exit`.
### Shell Prompt
The shell prompt can provide you some helpful information on what context you
are currently working in.
In the following command line, each field is as follows.
```
(hostname) (config_context) (#/>)
```
- `hostname` is your device's hostname.
- `config` context is the current configuration context you are in (this will
be absent if you are not in the configuration utility.)
- `#/>` denotes whether you are in `enable` mode or not. A `#` signafies
`enable` mode
### Saving Your Changes
Remember to save your changes when you are done. This can be done by running
the `write memory` command.
## Configuring VLANs
To configure a VLAN, two steps must be done.
### 1. Creating the VLAN
To create a VLAN, use the `vlan` command. It is helpful to give your VLAN's a
description you can reference later.
```
ArubaS2500-48P) (config) #vlan 60
(ArubaS2500-48P) (VLAN "60") #?
aaa-profile VLAN AAA profile
clone Copy data from another VLAN
description VLAN description
dhcp-snooping-database Add Static Snoop mac entry
dhcp-snooping-profile dhcp snooping profile name
igmp-snooping-profile igmp snooping profile name
mac-address-table Configure the MAC address table
mac-aging-time Mac Aging Time in Minutes
mld-snooping-profile mld snooping profile name
no Delete Command
pvst-profile per vlan rapid spanning tree profile name
(ArubaS2500-48P) (VLAN "60") #description "office"
(ArubaS2500-48P) (VLAN "60") #!
```
### 2. Creating a Port Profile
Next, you will have to create a port profile that makes uses of your configured
VLAN. This configuration differs if you want the port to have tagged traffic.
#### 2a. Port With Untagged Traffic
In this example, we will create a port profile configured to route traffic for
VLAN 60 untagged.
```
interface-profile switching-profile "general"
access-vlan 60
native-vlan 60
trunk allowed vlan 60
!
```
#### 2b. Port with Tagged and Untagged Traffic
In this example, we will create a port with VLANs 10 and 20 configured for
tagged traffic and VLAN 60 configured for untagged traffic.
```
interface-profile switching-profile "uplink"
switchport-mode trunk
access-vlan 60
native-vlan 60
trunk allowed vlan 10,20,60
!
```
Remember to set the `switchport-mode trunk` param on any profile that needs to
route untagged traffic.
### 3. Apply Port Profile to Port
Finally, we need to apply this profile to a port. In this example, I will be
applying the profile `office` to the Gigabit Ethernet port `0/0/0` which is
the lowest numbered Gigabit port on the switch (port 0).
```
(ArubaS2500-48P) (config) #interface gigabitethernet 0/0/0
(ArubaS2500-48P) (gigabitethernet "0/0/0") #switching-profile "office"
(ArubaS2500-48P) (gigabitethernet "0/0/0") #!
```
## Exposing the Configuration Interfaces to Your Network
## Configuring the Managment Interface
The switch's managmement functions needs to be configured to listen on a
specific interface. In this example, we will be configuring it to listen on
VLAN 60.
### Configure the Connection on the Desired Interface
```
(ArubaS2500-48P) (ip-profile) #interface vlan 60
(ArubaS2500-48P) (VLAN "10") #description "office"
(ArubaS2500-48P) (VLAN "10") #!
```
For a static IP:
```
(ArubaS2500-48P) (vlan "60") #ip address 10.0.0.10 255.255.255.0
```
For DHCP:
```
(ArubaS2500-48P) (vlan "60") #ip address dhcp-client
```
### Configure the Controller to Listen on This Interface
First, open the `ip-profile` settings.
```
(ArubaS2500-48P) (config) #ip-profile
(ArubaS2500-48P) (ip-profile) #?
controller-ip Configure controller IP
default-gateway Specify default gateway
no Delete Command
prefix-list Configure prefix list
route Configure static route A.B.C.D
```
Next, configure the `controller-ip`.
```
(ArubaS2500-48P) (ip-profile) #controller-ip vlan 60
Since controller IP address will change, connectivity to this controller might be affected. Do you want to proceed with this action [y/n]: y
```
Finally, configure the `default-gateway`. This value will be different if you
are using a static IP or DHCP on your desired interface.
For a static IP:
```
(ArubaS2500-48P) (ip-profile) #default-gateway 10.0.0.1
```
For DHCP:
```
(ArubaS2500-48P) (ip-profile) #default-gateway import dhcp
```
### Enable the WebUI
To enable the WebUI, we need to enable the `mgmt-ui-ports` option on the
`web-server` configuration param.
```
(ArubaS2500-48P) (config) #web-server
(ArubaS2500-48P) (Web Server Configuration) #?
captive-portal-cert Certificate name configured under certificate
manager
captive-portal-ports Enable or Disable Captive Portal Ports 8080/8081
ciphers Configure cipher suite strength. Default is high
mgmt-auth Configure management user's WebUI access method,
either username/password authentication or
certificate authentication or both. Default is
username/password authentication
mgmt-ui-ports Enable or Disable Webserver
no Delete Command
session-timeout Configure user's WebUI session timeout <30-3600>
(seconds)
ssl-protocol SSL/TLS Protocol Config
switch-cert Certificate name configured under certificate
manager
web-max-clients Configure web servers' maximum supported concurrent
clients <25-400>
(ArubaS2500-48P) (Web Server Configuration) #mgmt-ui-ports
(ArubaS2500-48P) (Web Server Configuration) #!
```