HP GbE2c HP GbE2c Ethernet Blade Switch for c-Class BladeSystem User Guide - Page 12

Introduction 12

configurable from the browser-based interface, but because the connection is based on an IP address for

these interfaces, users will have to reconnect with the newly assigned IP address.

NTP

The switch maintains the current date and time. This information displays on the management interfaces

and is used to record the date and time of switch events. Current date and time information are manually

set on the switch or are obtained through NTP. NTP allows the switch to send a request to a primary NTP

server in each polling period asking for GMT.

RADIUS

The switch supports the RADIUS method to authenticate and authorize remote administrators for managing

the switch. This method is based on a client/server model. The RAS, the switch, is a client to the back-end

database server. A remote user (the remote administrator) interacts only with the RAS, not the back-end

server and database.

RADIUS authentication consists of:

•

A protocol with a frame format that utilizes UDP over IP, based on RFC 2138 and 2866

•

A centralized server that stores all the user authorization information

•

A client, in this case, the switch

The switch, acting as the RADIUS client, communicates to the RADIUS server to authenticate and authorize

a remote administrator using the protocol definitions specified in RFC 2138 and 2866. Transactions

between the client and the RADIUS server are authenticated using a shared key that is not sent over the

network. In addition, the remote administrator passwords are sent encrypted between the RADIUS client

(the switch) and the back-end RADIUS server.

The benefits of using RADIUS are:

•

Authentication of remote administrators

•

Identification of the administrator using name/password

•

Authorization of remote administrators

•

Determination of the permitted actions and customizing service for individual administrators

TACACS+

The switch supports the TACACS+ method to authenticate, authorize, and account for remote

administrators managing the switch. This method is based on a client/server model. The switch is a client

to the back-end TACACS+ AAA server. A remote user (the remote administrator) interacts only with the

client, and not with the back end AAA server.

The TACACS+ AAA method consists of:

•

A protocol with a frame format that utilizes TCP over IP

•

A centralized AAA server that stores all the user authentication, authorization, and accounting (of

usage) information

•

A NAS or client (in this case, the switch)

The switch, acting as the TACACS+ client or NAS, communicates to the TACACS+ server to authenticate,

authorize, and account for user access. Transactions between the client and the TACACS+ server are

authenticated using a shared key that is not sent over the network. In addition, the remote administrator

passwords are sent encrypted between the TACACS+ client (the switch) and the back-end TACACS+

server.

The switch supports:

Section	Page
HP GbE2c Ethernet Blade Switch for c-Class BladeSystem User Guide	1
Notice	2
Contents	3
Introduction	6
Overview	6
Additional references	6
Features	6
Enterprise class performance	6
Switch redundancy	8
Configuration and management	8
Diagnostic tools	9
Switch architecture	9
Port Mapping	9
Dual switches	9
Redundant crosslinks	9
Redundant paths to server bays	10
Supported technologies	10
Layer 2 switching	10
IEEE 802.1 Q-based VLAN	10
Spanning Tree Protocol	10
SNMP	11
Port mirroring	11
Port trunking and load balancing	11
TFTP support	11
Store and forward switching scheme	11
BOOTP	11
NTP	12
RADIUS	12
TACACS+	12
SSH and SCP	13
XModem	13
IGMP Snooping	13
Jumbo frames	13
Auto-MDI/MDIX	13
Auto-negotiation of duplex mode and speed	13
Redundant images in firmware	14
External components	14
Rear panel	14
Connectors	15
Installing the switch	16
Planning the switch configuration	16
Default settings	16
Switch security	17
User, operator, and administrator access rights	17
Manually configuring a switch	18
Configuring multiple switches	18
Using scripted CLI commands through Telnet	18
Using a configuration file	18
Installing the switch	18
Preparing for installation	18
Installing the switch	19
Accessing the switch	19
Logging on and configuring the switch	20
Cabling the switch	21
Supporting software and special considerations	21
Replacing and upgrading the switch	22
Replacing an existing switch	22
Regulatory compliance notices	24
Class A equipment	24
Modifications	24
Cables	24
Canadian notice	24
European Union regulatory notice	25
BSMI notice	25
Japanese class A notice	25
Korean class A notice	26
Laser compliance	26
Technical specifications	27
General specifications	27
Runtime switching software default settings	28
General default settings	28
Port names, VLANs, STP, trunking default settings	34
Physical and environmental specifications	35
Performance specifications	35
Performing a serial download	37
Introduction	37
Serial upgrade of boot code firmware image procedure	37
Serial upgrade of operating system firmware procedure	39
SNMP MIBs support	42
MIB overview	42
SNMP Manager software	42
Supported MIBs	43
Supported traps	43
Electrostatic discharge	45
Preventing electrostatic discharge	45
Grounding methods to prevent electrostatic discharge	45
RJ-45 pin specification	46
Standard RJ-45 receptacle/connector	46
Troubleshooting	47
Forgotten administrator user name and password that was configured on the switch	47
Health LED on the switch is not on	47
Health LED on the switch stays amber for more than 30 seconds and switch does not boot	48
No link LED appears, even after plugging the Category 5 cable in the RJ-45 connector of the external port	48
Cannot access the switch serial console interface using null modem connection from a PC Terminal Emulation Program	48
Error message that the switch failed to complete the system self-testing appears on the serial console screen	48
The switch fails to get its IP settings from the BOOTP server, even though by default it is configured for BOOTP	49
The keyboard locks up when using HyperTerminal to log on to the switch through the console interface	49
Cannot connect to the switch console interface remotely using Telnet	49
Password is not accepted by the switch using the remote console interface immediately after a reboot	49
Cannot connect to the switch console interface remotely using SSH	49
Cannot connect to the switch SNMP interface	50
The port activity LEDs continuously indicate activity after connecting more than one port to another switch or destination device	50
Cannot connect to the switch remotely using the Web interface	50
Cannot enable a port in multiple VLANs while configuring VLANs	51
The switch does not let the user enable two adjacent ports into two different VLANs while assigning the ports to VLANs	51
While using TFTP to download firmware, the switch fails to connect to the TFTP server, or after connection the download fails	51
The switch fails to connect to the TFTP server while using TFTP to download or upload a configuration file, or after connection the download or upload fails	51
The console screen displays a message to change the baud for the terminal emulation session for XModem transfer after forcing the switch into the download mode, and does not display CCCC...	52
The download fails after starting to download the firmware file	52
The switch configuration is corrupt	52
Acronyms and abbreviations	53

HP GbE2c HP GbE2c Ethernet Blade Switch for c-Class BladeSystem User Guide - Page 12

Radius, Tacacs

Page 12 highlights