Home » HP Manuals » Repeaters & Transceivers » HP GbE2c » Manual Viewer

HP GbE2c HP GbE2c Layer 2/3 Ethernet Blade Switch for c-Class BladeSystem User - Page 17

Switch security - set switch name

UPC - 808736802215

Add to My Manuals
Save this manual to your list of manuals

Page 17 highlights

The Onboard Administrator module controls all port enabling. Enabling is based on matching ports between the server and the interconnect bay. Before power up, the Onboard Administrator module verifies that the server NIC option matches the switch bay that is selected and enables all ports for the NICs installed. NOTE: Port 19 is reserved for connection to the Onboard Administrator module for switch management. This allows a user to enable the functionality of future firmware upgrade releases. For detailed port mapping information, see the HP BladeSystem enclosure installation poster or the HP BladeSystem enclosure setup and installation guide on the HP website (http://www.hp.com/go/bladesystem/documentation). When planning the configuration, consider the default settings for these parameters: • Switch IP settings • VLAN settings • STP settings • Port names and types • Port trunking settings • Interswitch X-Connect port settings • SNMP settings • User name and password settings • Default access to various management interfaces • NTP settings IMPORTANT: See "Runtime switching software default settings (on page 29)" for a complete list of default configuration settings. Switch security When planning the switch configuration, secure access to the management interface by: • Creating users with various access levels • Enabling or disabling access to various management interfaces to fit the security policy • Changing default SNMP community strings for read-only and read-write access User, operator, and administrator access rights To enable better switch management and user accountability, three levels or classes of user access have been implemented on the switch. Levels of access to CLI, Web management functions, and screens increase as needed to perform various switch management tasks. Conceptually, access classes are defined as: • User interaction with the switch is completely passive. Nothing can be changed on the switch. Users can display information that has no security or privacy implications, such as switch statistics and current operational state information. • Operators can only effect temporary changes on the switch. These changes will be lost when the switch is rebooted/reset. Operators have access to the switch management features used for daily switch operations. Because any changes an operator makes are undone by a reset of the switch, operators cannot severely impact switch operation. Installing the switch 17

Section	Page
HP GbE2c Layer 2/3 Ethernet Blade Switch for c-Class BladeSystem User Guide	1
Notice	2
Contents	3
Introduction	6
Overview	6
Additional references	6
Features	6
Enterprise class performance	6
Switch redundancy	8
Configuration and management	8
Diagnostic tools	9
Switch architecture	9
Port Mapping	9
Dual switches	9
Redundant crosslinks	9
Redundant paths to server bays	10
Supported technologies	10
Layer 2 switching	10
Layer 3 switching	10
IEEE 802.1 Q-based VLAN	10
Spanning Tree Protocol	11
SNMP	11
Port mirroring	11
Port trunking and load balancing	11
TFTP support	12
Store and forward switching scheme	12
BOOTP	12
NTP	12
RADIUS	12
TACACS+	13
SSH and SCP	13
XModem	13
IGMP Snooping	14
Jumbo frames	14
Auto-MDI/MDIX	14
Auto-negotiation of duplex mode and speed	14
Redundant images in firmware	14
Component identification	15
GbE2c Layer 2/3 front panel	15
Installing the switch	16
Planning the switch configuration	16
Default settings	16
Switch security	17
User, operator, and administrator access rights	17
Manually configuring a switch	18
Configuring multiple switches	18
Using scripted CLI commands through Telnet	18
Using a configuration file	19
Installing the switch	19
Preparing for installation	19
Installing the switch	19
Accessing the switch	20
Logging on and configuring the switch	21
Installing SFP transceivers	21
Supporting software and special considerations	22
Replacing a switch	23
Replacing an existing switch	23
Regulatory compliance notices	25
Class A equipment	25
Modifications	25
Cables	25
Canadian notice	25
European Union regulatory notice	25
BSMI notice	26
Japanese class A notice	26
Korean class A notice	26
Laser compliance	27
Technical specifications	28
General specifications	28
Runtime switching software default settings	29
General default settings	29
Port names, VLANs, STP, trunking default settings	35
Physical and environmental specifications	36
Performance specifications	36
Performing a serial download	38
Introduction	38
Serial upgrade of boot code firmware image procedure	38
Serial upgrade of operating system firmware procedure	40
SNMP MIBs support	43
MIB overview	43
SNMP Manager software	43
Supported MIBs	44
Supported traps	44
Electrostatic discharge	46
Preventing electrostatic discharge	46
Grounding methods to prevent electrostatic discharge	46
RJ-45 pin specification	47
Standard RJ-45 receptacle/connector	47
Troubleshooting	48
Forgotten administrator user name and password that was configured on the switch	48
Health LED on the switch is not on	48
Health LED on the switch stays amber for more than 30 seconds and switch does not boot	49
No link LED appears, even after plugging the Category 5 cable in the RJ-45 connector of the external port	49
Cannot access the switch serial console interface using null modem connection from a PC Terminal Emulation Program	49
Error message that the switch failed to complete the system self-testing appears on the serial console screen	50
The switch fails to get its IP settings from the BOOTP server, even though by default it is configured for BOOTP	50
The keyboard locks up when using HyperTerminal to log on to the switch through the console interface	50
Cannot connect to the switch console interface remotely using Telnet	50
Password is not accepted by the switch using the remote console interface immediately after a reboot	51
Cannot connect to the switch console interface remotely using SSH	51
Cannot connect to the switch SNMP interface	51
The port activity LEDs continuously indicate activity after connection more than one port to another switch or destination device	51
Cannot connect to the switch remotely using the Web interface	52
Cannot enable a port in multiple VLANs while configuring VLANS	52
The switch does not let the user enable two adjacent ports into two different VLANs while assigning the ports to VLANs	52
While using TFTP to download firmware, the switch fails to connect to the TFTP server, or after connection the download fails	53
The switch fails to connect to the TFTP server while using TFTP to download or upload a configuration file, or after connection the download or upload files	53
The console screen displays a message to change the baud rate for the terminal emulation session for XModem transfer after forcing the switch into the download mode, and does not display CCCC...	54
The download fails after starting to download the firmware file	54
The switch configuration is corrupt	54

Match case Limit results 1 per page

Installing the switch 17

The Onboard Administrator module controls all port enabling. Enabling is based on matching ports

between the server and the interconnect bay. Before power up, the Onboard Administrator module

verifies that the server NIC option matches the switch bay that is selected and enables all ports for the

NICs installed.

NOTE:

Port 19 is reserved for connection to the Onboard Administrator module for switch

management. This allows a user to enable the functionality of future firmware upgrade

releases.

For detailed port mapping information, see the HP BladeSystem enclosure installation poster or the HP

BladeSystem enclosure setup and installation guide on the HP website

(

http://www.hp.com/go/bladesystem/documentation

When planning the configuration, consider the default settings for these parameters:

•

Switch IP settings

•

VLAN settings

•

STP settings

•

Port names and types

•

Port trunking settings

•

Interswitch X-Connect port settings

•

SNMP settings

•

User name and password settings

•

Default access to various management interfaces

•

NTP settings

IMPORTANT:

See "Runtime switching software default settings (on page

)" for a complete

list of default configuration settings.

Switch security

When planning the switch configuration, secure access to the management interface by:

•

Creating users with various access levels

•

Enabling or disabling access to various management interfaces to fit the security policy

•

Changing default SNMP community strings for read-only and read-write access

User, operator, and administrator access rights

To enable better switch management and user accountability, three levels or classes of user access have

been implemented on the switch. Levels of access to CLI, Web management functions, and screens

increase as needed to perform various switch management tasks. Conceptually, access classes are

defined as:

•

User interaction with the switch is completely passive. Nothing can be changed on the switch. Users

can display information that has no security or privacy implications, such as switch statistics and

current operational state information.

•

Operators can only effect temporary changes on the switch. These changes will be lost when the

switch is rebooted/reset. Operators have access to the switch management features used for daily

switch operations. Because any changes an operator makes are undone by a reset of the switch,

operators cannot severely impact switch operation.