Back to Contents Page

Configuring the Switch

Dell™ PowerConnect™ 6024/6024F Systems User's Guide

  General Configuration Information

  Other Configuration Requirements

  Booting the Switch

  Configuration Overview

  Initial Configuration

  Advanced Configuration

  Software Download and Reboot

  Sample Configuration Process

  Startup Menu Functions

  Out-of-Band Management Port


This section describes the initial device configuration and includes the following topics:

After completing all external connections, you must connect a terminal to the device to monitor the boot and other procedures. The order of installation and configuration procedures is illustrated in Figure . For the initial configuration, the standard device configuration is performed. You can perform other functions, but doing so suspends the installation process and causes a system reboot. Performing other functions is described later in this section.

NOTICE: Before proceeding, read the release notes for this product. You can download the release notes from support.dell.com.

Figure 5-1. Installation and Configuration Jobflow


General Configuration Information

Your switch has predefined features and setup configuration.

Auto-Negotiation

Auto-negotiation allows a device to advertise modes of operation and share information with another device that shares a point-to-point link segment. This automatically configures both devices to take maximum advantage of their abilities.

Auto-negotiation is performed completely within the physical layers during link initiation, without any additional overhead to either the MAC or higher protocol layers. Auto-negotiation allows the ports to do the following:

If connecting a port of the switch to the network interface card (NIC) of a workstation or server that does not support auto-negotiation or is not set to auto-negotiation, both the switching port and the NIC must be manually set with the Web browser interface or CLI commands to the same speed and duplex mode.

NOTICE: If the station on the other side of the link attempts to auto-negotiate with a port that is manually configured to full duplex, the auto-negotiation results in the station attempting to operate in half duplex. The resulting mismatch may lead to significant frame loss. This is inherent in the auto-negotiation standard.

Switching Port Default Settings

The following table describes the switch port default settings.

Table 5-1. Port Default Settings

Function

Default Setting

Port speed and mode

1000M Auto-negotiation

Port forwarding state

Enabled

Head of line blocking prevention

On (Enabled)

Flow Control

Off

Back Pressure

Off

The following is an example for changing the port speed on port g1 using CLI commands:

Console (config)# interface ethernet g1

Console (config-if)# speed 100

The following is an example for enabling flow control on port g1 using CLI commands:

Console (config)# interface ethernet g1

Console (config-if)# flowcontrol on

The following is an example for enabling back pressure on port g1 using CLI commands. Backpressure works only for the 10-Mbps mode of operation.

Console (config)# interface ethernet g1

Console (config-if)# speed 10

Console (config-if)# back-pressure

Terminal Connection Configuration

Your switch requires the following Terminal Connection parameters for configuration:

Baud Rate

The baud rates can be manually changed to any of the following values:

NOTE: The default baud rate is 115,200.
NOTE: Closing the device does not return the default baud rate. It must be specifically configured.
NOTE: The baud rate setting of the console is not saved in the general configuration file of the switch. It is directly stored in the non-volatile memory device of the switch.

The following is an example configuration for changing the default baud rate using CLI commands:

console# configure

console(config)# line console

console(config-line)# speed 115200


Other Configuration Requirements

The following is required for downloading embedded software and configuring the device:

NOTE: The configuration process defines only one port.

Booting the Switch

When the power is turned on with the local terminal already connected, the switch goes through Power On Self Test (POST). POST runs every time the device is initialized and checks hardware components to determine if the device is fully operational before completely booting.

If a critical problem is detected, the program flow stops. If POST passes successfully, a valid executable image is loaded into RAM.

POST messages are displayed on the terminal and indicate test success or failure.

To boot the switch, perform the following steps:

  1. Ensure that the ASCII cable is connected to the terminal.

  2. Connect the power supply to the switch.

  3. Power on the switch.

As the switch boots, the bootup test first counts the device memory availability and then continues to boot. The following screen is an example of the displayed POST:

Boot1 Checksum Test...............................PASS

Boot2 Checksum Test...............................PASS

Flash Image Validation Test.......................PASS

Testing CPU PCI Bus Device Configuration..........PASS

BOOT Version 1.0.0.13 Date 13-Aug-2003 Time 15:28:31

Autoboot in 2 seconds - press RETURN or Esc. to abort and enter prom.

The boot process runs approximately 30 seconds.

The auto-boot message that appears at the end of POST (see the last lines) indicates that no problems were encountered during boot.

During boot, you can use the Startup menu, if necessary to run special procedures. To enter the Startup menu, press <Esc> or <Enter> within the first two seconds after the auto-boot message appears. For information on the Startup menu, see "Startup Menu Functions."

If you do not interrupt the system boot by pressing <Esc> or <Enter>, the system continues operation by decompressing and loading the code into RAM. The code starts running from RAM and the list of numbered system ports and their states (up or down) are displayed.

NOTE: The following screen is an example configuration. Items such as addresses, versions, and dates may differ for each device.

Preparing to decompress...

Decompressing SW from image-1

d04000

OK

Running from RAM...

************************************************************** ****

** Running SW Ver. 1.0.1.06 Date 15-Sep-2003 Time 17:48:07 **

************************************************************** ****

HW version is 00.01.64

Base Mac address is: 00:00:b0:16:00:00

Dram size is : 256M bytes

Dram first block size is : 235520K bytes

Dram first PTR is : 0x1800000

Dram second block size is : 1984K bytes

Dram second PTR is : 0xFE00000

Flash size is: 16M

Tuning File info. Ver: 0.2.80 Creation date: Aug 20 2003 11:20:13

PowerConnect 6024

Tapi Version: v1.1a1-P18

Core Version: v1.1a1-P18

18-May-2003 16:24:41 %INIT-I-InitCompleted: Initialization task is completed

Start the sync process between devices 0 - 1

Sync OK

18-May-2003 16:24:41 %Box-W-PS-STAT-CHNG: PS# 1 status changed - not operational

.

18-May-2003 16:24:41 %Box-I-PS-STAT-CHNG: PS# 2 status changed - operational.

18-May-2003 16:24:41 %Box-W-FAN-STAT-CHNG: FAN# 1 status changed - operational.

18-May-2003 16:24:41 %Box-I-FAN-STAT-CHNG: FAN# 2 status changed - operational.

console> 18-May-2003 16:24:41 %DELL-I-STATUS: The product global status has chan

ged from ok to non-critical at time 900.

18-May-2003 16:24:42 %LINK-W-Down: g1

18-May-2003 16:24:42 %LINK-W-Down: g2

After the switch boots successfully, a system prompt appears (console>) and you can use the local terminal to begin configuring the switch. However, before configuring the switch, ensure that the software version installed on the device is the latest version. If it is not the latest version, download and install the latest version. See "Software Download and Reboot."


Configuration Overview

Your switch supports a 10/100 Mbps Ethernet out-of-band (OOB) management port that is connected directly to the device. This port supports system-administrator management applications. The OOB port is treated as an IP interface to the system, and all management interfaces are available over this port. However, the OOB port does not support user traffic. Packets are not switched or routed from any in-band port (Ethernet port other than OOB) to the OOB port.

Before assigning a static IP address to the PowerConnect™ device, obtain the following information from the network administrator:

There are two types of configuration: Initial configuration consists of configuration functions with basic security considerations, whereas advanced configuration includes dynamic IP configuration and more advanced security considerations.

NOTICE: After making any configuration changes, the new configuration must be saved before rebooting. To save the configuration, enter:

console# copy running-config startup-config


Initial Configuration

Initial configuration, which starts after the device has booted successfully, includes static IP address and subnet mask configuration, and setting user name and privilege level to allow remote management. If the device is to be managed from an SNMP-based management station, you must also configure SNMP community strings.

Static IP Address and Subnet Mask

IP interfaces can be configured on each port of your switch. After entering the configuration command, it is recommended to check if a port was configured with the IP address by entering the show ip interface command.

The commands to configure the device from the inband and the OOB ports are port specific.

Static Route Configuration

To manage the switch from a remote network, you must configure a static route, which is an IP address to where packets are sent when no entries are found in the device tables. The configured IP address must belong to the same subnet as one of the device IP interfaces.

To configure a static route, enter the command at the system prompt as shown in the following configuration example where 100.1.1.1 is the IP address of the specific management station:

console# configure

console(config)# interface vlan 1

console(config-if)# ip address 100.1.1.1 255.255.255.0

console(config-if)# exit

console# ip route 192.168.2.0 /24 100.1.1.33

NOTE: 100.1.1.33 is the IP address of the next hop that can be used to reach the management network 192.168.2.0.

console# show ip interface

Proxy ARP is disabled

IP Address I/F Type Directed

Broadcast

----------------------- ---------------------- --------- -----

100.1.1.1/24 vlan 1 static disable

OOB ip interfaces

Gateway IP Address Activity status

----------------------- -----------------------

10.6.12.1 active

IP Address I/F Type

----------------------- ---------------------- ---------

10.6.12.20/24 Oob-eth 1 dhcp

Assigning Static IP Addresses (on OOB Port)

console> enable

console# configure

console(config)# interface out-of-band-eth

console(config-oob)# ip address 10.1.1.1 255.0.0.0

console(config-oob)# ip default-gateway 10.1.1.10

console(config-oob)# exit

console#

Assigning Static IP Addresses (on an Inband Port)

console> enable

console# configure

console(config)# interface ethernet g8

console(config-if)# ip address 10.1.1.1 255.0.0.0

console(config-if)# exit

console(config)# ip route 10.1.2.0 /24 10.1.1.44

console(config)#

NOTE: 10.1.1.44 is the IP address of the next hop that can be used to reach the management network 10.1.2.0

User Name

You must configure a user name to manage the device remotely, for example through SSH, Telnet, or the Web interface. To gain complete administrative (super-user) control over the device, you must specify the highest priviledge (15).

NOTE: Only the administrator (super-user) with the highest priviledge level (15) is allowed to manage the device through the Web browser interface.

For more information about the privilege level, see the CLI Reference Guide.

The configured user name is entered as a login name for remote management sessions. To configure user name and privilege level, enter the command at the system prompt as shown in the configuration example:

console> enable

console# configure

console(config)# username admin password lee privilege 15

SNMP Community Strings

Simple Network Management Protocol (SNMP) provides a method for managing network devices. Devices supporting SNMP run a local software (agent). The SNMP agents maintain a list of variables, used to manage the device. The variables are defined in the Management Information Base (MIB). The MIB presents the variables controlled by the agent. The SNMP agent defines the MIB specification format, as well as the format used to access the information over the network. Access rights to the SNMP agents are controlled by access strings and SNMP community strings.

Your switch is SNMP-compliant and contains an SNMP agent that supports a set of standard and private MIB variables. Developers of management stations require the exact structure of the MIB tree and receive the complete private MIBs information before being able to manage the MIBs.

All parameters are manageable from any SNMP management platform, except the SNMP management station IP address and community (community name and access rights). The SNMP management access to the switch is disabled if no community strings exist.

NOTE: Your switch is delivered with no community strings configured.

The following screen displays the default device configuration:

console(config)# show snmp

---------------- -------------------- -------

OOB trap receivers

Trap-Rec-Address Trap-Rec-Community Version

---------------- -------------------- -------

System Contact:

System Location:

You can set the community-string, community-access, and IP address through the local terminal during the initial configuration procedure.

The SNMP configuration options are:

Common practice is to use two community strings for the switch—one (public community) with read-only access and the other (private community) with read-write access. The public string allows authorized management stations to retrieve MIB objects, while the private string allows authorized management stations to retrieve and modify MIB objects.

During initial configuration, it is recommended to configure the device according to the network administrator requirements, in accordance with using an SNMP-based management station.

To configure SNMP station IP address and community string(s):

  1. At the console prompt, enter the command enable. The prompt is displayed as #.

  2. Enter the command configure and press <Enter>.

  3. In the configuration mode, enter the SNMP configuration command with the parameters including community name (private), community access right (read and write) and IP address, as shown in the example below:

console# configure

config(config)# snmp-server community private rw 11.1.1.2 type router

config(config)# exit

console(config)# show snmp

Community-String             Community-Access IP address

-------------------- ---------------- --------------

private readWrite       11.1.1.2

OOB management stations

Community-String Community-Access IP address

-------------------- ---------------- ---------------

Traps are enabled.

Authentication-failure trap is enabled.

Trap-Rec-Address Trap-Rec-Community Version

---------------- -------------------- -------

OOB trap receivers

Trap-Rec-Address Trap-Rec-Community Version

---------------- ----------------------------------------- ---

System

Contact:

System Location:

This completes the initial configuration of the device from a local terminal. The configured parameters enable further device configuration from any remote location.


Advanced Configuration

This section provides information about dynamic allocation of IP addresses and security management based on the authentication, authorization, and accounting (AAA) mechanism, and includes the following topics:

When configuring/receiving IP addresses through DHCP and BOOTP, the configuration received from these servers includes the IP address, and may include subnet mask and default gateway.

Retrieving an IP Address From a DHCP Server

When using the DHCP protocol to retrieve an IP address, the device acts as a DHCP client.

To retrieve an IP address from a DHCP server, perform the following steps:

  1. Select and connect any port to a DHCP server or to a subnet that has a DHCP server on it, in order to retrieve the IP address.

  2. Enter the following commands to use the selected port for receiving the IP address. In the following example, the commands are based on the port type used for configuration.

console# configure

console(config)# interface ethernet g1

console(config-if)# ip address dhcp hostname dell

console(config-if)# exit

console(config)#

console# configure

console(config)# interface out-of-band-eth

console(config-oob)# ip address dhcp hostname dell

console(config-oob)# exit

console(config)# exit

console#

The interface receives the IP address automatically.

  1. To verify the IP address, enter the show ip interface command at the system prompt as shown in the following example.

console# show ip interface

IP Address I/F Type Directed Broadcast

----------------------- ---------------------- ---------------

100.1.1.1/24 vlan 1 static disable

OOB ip interfaces

Gateway IP Address Activity status

----------------------- -----------------------

10.6.12.1 active

IP Address I/F Type

-------------- ---------------------- ---------

10.6.12.20/24 Oob-eth 1 dhcp

NOTE: You do not need to delete the device configuration to retrieve an IP address for the DHCP server.
NOTE: When copying configuration files, avoid using a configuration file that contains an instruction to enable DHCP on an interface that connects to the same DHCP server, or to one with an identical configuration. In this instance, the switch retrieves the new configuration file and boots from it. The switch then enables DHCP as instructed in the new configuration file, and the DHCP instructs it to reload the same file again.

Receiving an IP Address From a BOOTP Server

The standard BOOTP protocol is supported and enables the switch to automatically download its IP host configuration from any standard BOOTP server in the network. In this case, the device acts as a BOOTP client.

To retrieve an IP address from a BOOTP server:

  1. Select and connect any port to a BOOTP server or subnet containing such a server, to retrieve the IP address.

  2. At the system prompt, enter the delete startup configuration command to delete the startup configuration from flash.

The device reboots with no configuration and in 60 seconds starts sending BOOTP requests.

The device receives the IP address automatically.

NOTE: When the device reboot begins, any input at the ASCII terminal or keyboard automatically cancels the BOOTP process before completion and the device does not recieve an IP address from the BOOTP server.

The following example illustrates the process:

console> enable

console# delete startup-config

Startup file was deleted

console# reload

You haven't saved your changes. Are you sure you want to continue (y/n) [n]?

This command will reset the whole system and disconnect your current session. Do you want to continue (y/n) [n]?

******************************************************

/* the device reboots */

To verify the IP address, enter the show ip interface command.

The device is now configured with an IP address.

Security Management and Password Configuration

System security is handled through the AAA (Authentication, Authorization, and Accounting) mechanism that manages user access rights, privileges, and management methods. AAA uses both local and remote user databases. Data encryption is handled through the SSH mechanism.

The system is delivered with no default password configured; all passwords are user-defined. If a user-defined password is lost, a password recovery procedure can be invoked from the Startup menu. The procedure is applicable for the local terminal only and allows a one-time access to the device from the local terminal with no password entered.

Configuring Security Passwords

The security passwords can be configured for the following services:

NOTE: Passwords are user-defined.
NOTE: When creating a user name, the default priority is "1," which allows access but not configuration rights. A priority of "15" must be set to enable access and configuration rights to the device. Although user names can be assigned privilege level 15 without a password, it is recommended to always assign a password. If there is no specified password, privileged users can access the Web interface with any password.

Configuring an Initial Console Password

To configure an initial console password, enter the following commands:

console(config)# aaa authentication login default line

console(config)# aaa authentication enable default line

console(config)# line console

console(config-line)# login authentication default

console(config-line)# enable authentication default

console(config-line)# password george

Configuring an Initial Telnet Password

To configure an initial Telnet password, enter the following commands:

console(config)# aaa authentication login default line

console(config)# aaa authentication enable default line

console(config)# line telnet

console(config-line)# login authentication default

console(config-line)# enable authentication default

console(config-line)# password bob

Configuring an Initial SSH password

To configure an initial SSH password, enter the following commands:

console(config)# aaa authentication login default line

console(config)# aaa authentication enable default line

console(config)# line ssh

console(config-line)# login authentication default

console(config-line)# enable authentication default

console(config-line)# password jones.

Configuring an Initial HTTP Password

To configure an initial HTTP password, enter the following commands:

console(config)# ip http authentication local

console(config)# username admin password user1 level 15

Configuring an initial HTTPS password:

To configure an initial HTTPS password, enter the following commands:

console(config)# ip https authentication local

console(config)# username admin password user1 level 15

Enter the following commands once when configuring to use a console, a Telnet, or an SSH session in order to use an HTTPS session.

NOTE: In the Web browser enable SSL 2.0 or greater for the content of the page to appear.

console(config)# crypto certificate generate key_generate

console(config)# ip https server

When initially enabling an http or https session, enter admin for user name and user1 for password.

NOTE: Http and Https services require level 15 access and connect directly to the configuration level access.

Software Download and Reboot

Software Download Through XModem

This section contains instructions for downloading device software (system and boot images) using XModem, which is a data transfer protocol for updating back-up configuration files.

To download a boot file using XModem:

  1. Enter the command console# xmodem: boot.

The switch is ready to receive the file via the XModem protocol and displays text similar to the following:

console# copy xmodem: boot

Please download program using XMODEM.

console#

  1. Specify the path of the source file within 20 seconds.

If the path is not specified within 20 seconds, the command times out.

To download a software image file using XModem:

  1. Enter the command console# xmodem: image.

The switch is ready to receive the file via the XModem protocol.

  1. Specify the path of the source file to begin the transfer process.

The following is an example of the information that appears:

console# copy xmodem: image

Please download program using XMODEM.

console#

Software Download Through TFTP Server

This section contains instructions for downloading switch software (system and boot images) through a TFTP server. The TFTP server must be configured before downloading the software.

The switch boots and runs when decompressing the system image from the flash memory area where a copy of the system image is stored. When a new image is downloaded, it is saved in the other area allocated for the additional system image copy.

On the next boot, the switch decompresses and runs the currently active system image unless chosen otherwise.

To download an image through the TFTP server:

  1. Ensure that an IP address is configured on one of the device ports and pings can be sent to a TFTP server.

  2. Make sure that the file to be downloaded is saved on the TFTP server (the DOS file).

  3. Enter the command console# show version to verify which software version is currently running on the device.

The following is an example of the information that appears:

console# show version
SW version 3.31.42 ( date 22-Jul-2003 time 13:42:41 )
Boot version 1.31.03 (date 01-Jun-2003 time 15:12:20 )
HW version

  1. Enter the command console# show bootvar to verify which system image is currently active. The following is an example of the information that appears:

console# show bootvar
Images currently available on the Flash
Image-1 active (selected for next boot)
Image-2 not active
console#

  1. Enter the command console# copy tftp://{tftp address}/{file name} image to copy a new system image to the device.

When the new image is downloaded, it is saved in the area allocated for the other copy of system image (image-2, as given in the example). The following is an example of the information that appears:

console# copy tftp://176.215.31.3/file1 image
Accessing file file1 on 176.215.31.3...

Loading file1 from 176.215.31.3: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!! Copy took 00:01:11 [hh:mm:ss]

Exclamation symbols indicate that a copying process is in progress. A period indicates that the copying process is timed out. Many periods in a row indicate that the copying process failed.

  1. Select the image for the next boot by entering the boot system command. After this command, enter the command console# show bootvar to verify that the copy indicated as a parameter in the boot system command is selected for the next boot.

The following is an example of the information that appears:

console# boot system image-2
console# sh bootvar
Images currently available on the Flash
Image-1 active
Image-2 not active (selected for next boot)

If the image for the next boot is not selected by entering the boot system command, the system boots from the currently active image (image-1, as given in the example).

  1. Enter the command reload. The following message is displayed:

console# reload
This command will reset the whole system and disconnect your current session. Do you want to continue (y/n) [n] ?

  1. Enter Y to reboot the switch.

Boot Image Download

Loading a new boot image from the TFTP server and programming it into the flash updates the boot image. The boot image is loaded when the switch is powered on.

To download a boot file through the TFTP server:

  1. Ensure that an IP address is configured on one of the device ports and pings can be sent to a TFTP server.

  2. Make sure that the file to be downloaded (the .rfb file) is saved on the TFTP server.

  3. Enter the command console# show version to verify which boot version is currently running on the device.

The following is an example of the information that appears:

console# show version
SW version 3.31.42 ( date 22-Jul-2003 time 13:42:41 )
Boot version 1.31.03 (date 01-Jun-2003 time 15:12:20 )
HW version 00.00.01 (date 01-May-2003 time 12:12:20 )

  1. Enter the command console# copy tftp://{tftp address}/{file name} boot to copy the boot image to the switch.

The following is an example of the information that appears:

console# copy tftp://176.215.31.3/6024_boot-10013.rfb
Erasing file ...done. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!! Copy: 393232 bytes copied in 00:00:05 [hh:mm:ss]

  1. Enter the command reload.

The following message is displayed:

console# reload
This command will reset the whole system and disconnect your current session. Do you want to continue (y/n) [n] ?

  1. Enter Y to reboot the switch.


Sample Configuration Process

This section provides the basic steps required to establish a remote network management connection with the switch. This section does not explain the various configurations available on the switch or the relevant commands.

This section also describes accessing a switch for the first time with the default configuration and definitions. If a previously entered configuration causes problems, the startup-configuration file—which is the configuration of device when powered up—should be erased and device rebooted, see "Device Default Settings."

Device Setup Requirements

The following components are required for the purpose of this example:

Initial Connection

  1. Using the RS-232 port, connect the switch to the workstation.

  2. Set the ASCII terminal with the following settings and select the appropriate COM port.

The sample screen uses the HyperTerminal.

Figure 5-2. HyperTerminal Properties Window

NOTE: 115,200 is the default baud rate for new device. The device may have another baud rate. If using the 115,200 baud rate does not result in viewing the device terminal, try other baud rate.
  1. Use an F2F null modem cable to connect the workstation to the switch.

  2. Connect the device power cord and power up the device.

The following screen is displayed:

**************************************************

***************** SYSTEM RESET *****************

**************************************************

Booting...

Boot1 Checksum Test...............................PASS

Boot2 Checksum Test...............................PASS

Flash Image Validation Test.......................PASS

Testing CPU PCI Bus Configuration.................PASS

BOOT Version 1.0.0.13 Date 13-Aug-2003 Time 15:28:31

Autoboot in 2 seconds - press RETURN or Esc. to abort and enter prom.

At this point, you can enter the Startup menu, if necessary, to run special procedures. If you do not enter the Startup menu, the system continues operation by decompressing the code into RAM. The code starts running from RAM and the list of available port numbers and their states (up or down) are displayed.

NOTE: The following screen is an example configuration. Items such as addresses, versions, and dates may differ for each device.

Preparing to decompress...

Decompressing SW from image-1

d04000

OK

Running from RAM...

************************************************************** *******

*** Running SW Ver. 1.0.1.06 Date 15-Sep-2003 Time 17:48:07 ***

************************************************************** *******

HW version is 00.01.64

Base Mac address is: 00:00:b0:16:00:00

Dram size is : 256M bytes

Dram first block size is : 235520K bytes

Dram first PTR is : 0x1800000

Dram second block size is : 1984K bytes

Dram second PTR is : 0xFE00000

Flash size is: 16M

Tuning File info. Ver: 0.2.80 Creation date: Aug 20 2003 11:20:13

PowerConnect 6024

Tapi Version: v1.1a1-P18

Core Version: v1.1a1-P18

18-May-2003 16:24:41 %INIT-I-InitCompleted: Initialization task is completed

Start the sync process between devices 0 - 1

Sync OK

18-May-2003 16:24:41 %Box-W-PS-STAT-CHNG: PS# 1 status changed - not operational

.

18-May-2003 16:24:41 %Box-I-PS-STAT-CHNG: PS# 2 status changed - operational.

18-May-2003 16:24:41 %Box-W-FAN-STAT-CHNG: FAN# 1 status changed - operational.

18-May-2003 16:24:41 %Box-I-FAN-STAT-CHNG: FAN# 2 status changed - operational.

console> 18-May-2003 16:24:41 %DELL-I-STATUS: The product global status has chan

ged from ok to non-critical at time 900.

18-May-2003 16:24:42 %LINK-W-Down: g1

18-May-2003 16:24:42 %LINK-W-Down: g2

The device is ready for configuration.

Device Default Settings

To return to device default settings use delete startup-config command at the privileged mode prompt (#), and reboot the device. Once device reloads – it is set with the default settings.

console>

console> enable

console# delete startup-config

Startup file was deleted

console# reload

This command will reset the whole system and disconnect your current

session. Do you want to continue (y/n) [n] ?

y

**************************************************

***************** SYSTEM RESET *****************

**************************************************

.

.

.

.

Enabling Remote Management

  1. Enter the enable command at the console to enter the Privileged EXEC screen mode as follows:

console>enable

console#

  1. Connect the management station (PC) to the device via one of the Ethernet ports, or through a network connected to the device, using a CAT5 Cable.

This example will use port g1.

  1. Ensure (on the ASCII terminal) that the interface status changed to "up" and that the STP status is forwarding (after 30 seconds) as shown below:

Console#

01-Jan-2000 01:43:03 %LINK-I-Up: Vlan 1

01-Jan-2000 01:43:03 %LINK-I-Up: g1

01-Jan-2000 01:43:34 %STP-I-PORTSTATUS: Port g1: STP status Forwarding

  1. Enter the config command at the console to enter the Configuration screen mode as follows:

console# config

  1. Enter the interface vlan command at the console to enter the VLAN Configuration screen mode through the default VLAN 1 (tag = 1) as follows:

console(config)# interface vlan 1

console (config-if)#

  1. Define an IP address on the device by assigning an IP address (in this example 50.1.1.1) to the VLAN containing the interface connected to the management station . If the management station is connected directly to the interface, the IP address on the VLAN must have the same subnet as the management station.

console(config)#

console(config-if)# ip address 50.1.1.1 225.0.0.0

console(config-if)#

  1. If the management station is a member of a remote network, and is not directly connected to the interface, configure a static route.

The configured IP address must belong to the same subnet as one of the device IP interfaces. In this example the static address is 50.1.1.100.

console(config-if)# exit

console(config)# ip route 0.0.0.0 0.0.0.0 50.1.1.100

console(config)#

  1. Ping the management station from the switch to make sure that connectivity has been achieved.

Wait 30 seconds for port to be in STP forwarding before pinging the management station. Management station IP is (in this example) 50.1.1.2:

console(config)#

console(config)# exit

console# ping 50.1.1.2

64 bytes from 50.1.1.2: icmp_seq=1. time=0 ms

64 bytes from 50.1.1.2: icmp_seq=2. time=0 ms

64 bytes from 50.1.1.2: icmp_seq=3. time=0 ms

64 bytes from 50.1.1.2: icmp_seq=4. time=0 ms

----50.1.1.2 PING Statistics----

4 packets transmitted, 4 packets received, 0% packet loss

round-trip (ms) min/avg/max = 0/0/0

console#

  1. Define a user name and password to allow privileged level 15 device access for a remote user (HTTP and HTTPS).

In this example the user name and password is "Dell," user name is "Dell," and the privilege level is 15. Privilege levels range from 1-15, with 15 being the highest level. Level 15 access is the only level of access for the Web interface.

console# config

console(config)# username Dell password Dell privilege 15

console(config)# ip http authentication local

console(config)# ip https authentication local

console(config)# crypto certificate generate key_generate

Generating RSA private key, 1024 bit long modulus

console(config)# ip https server

  1. Define a user name and password to allow access for a local user—console, Telnet, Web Server, for example.

In this example the user name and password is "Dell," and the privilege level is 15.

console(config)# username Dell password Dell privilege 15

console(config)#

console(config)# aaa authentication login default line

console(config)# aaa authentication enable default line

console(config)# line console

console(config-line)# login authentication default

console(config-line)# enable authentication default

console(config-line)# password tom

console(config-line)# exit

console(config)# line telnet

console(config-line)# login authentication default

console(config-line)# enable authentication default

console(config-line)# password bob

console(config-line)# exit

console(config)# line ssh

console(config-line)# login authentication default

console(config-line)# enable authentication default

console(config-line)# password jones

console(config-line)# exit

  1. Save the running-config file to the startup-config file.

This ensures that the configuration just completed is the same if the device is rebooted.

console(config-line)# exit

console(config)# exit

console# copy running-config startup-config

The device is now configured and can be managed through the different options such as Telnet, Web browser interface, and others.

Setting the IP Address of the Management Station

  1. On the management station, click Start Settings Network and Dial-up Connections.

  2. Right-click the network connection that is used for management, and select Properties.

The connection properties window is displayed.

Figure 5-3. Local Area Connection Properties Window

  1. Click Internet Protocol (TCP/IP) and then click Properties.

The Internet Protocol (TCP/IP) Properties window is displayed.

Figure 5-4. Internet Protocol (TCP/IP) Properties Window

  1. Click Use the following IP address.

  2. Enter the appropriate addresses for the management station in the IP address, Subnet mask, and Default gateway fields.

NOTE: If the management station is connected to a router and not directly to the 6024/6024F switch, the default gateway must be configured as the IP address of the router interface connected to the management station (which leads to the 6024/6024F switch).

Enabling Telnet Access

Use the Windows/DOS command line or a Telnet application to access the device via a Telnet. Remember to enter the appropriate password. The connection is done with the IP address defined on the device.

When access is granted, command usage is the same as in direct device management:

  1. On the management station, click Start Run.

  2. In the Run window, type cmd and click OK.

The standard Windows command line interface is displayed.

  1. Enter the command Telnet and the device IP address, such as the following:

Microsoft Windows 2000 [Version 5.00.2195]

(C) Copyright 1985-2000 Microsoft Corp.

C:\>telnet 50.1.1.1

11-Aug-20 03 11:14:06 %MSCM-I-NEWTERM: New TELNET connection from 50.1.1.2

Password:***

console> enable

Password:***

console# show ip interface

Proxy ARP is disabled

IP Address I/F Type Directed Broadcast

------------- ------- ------ ---------------

100.1.1.1/24 vlan 1 static disable

OOB ip interfaces

Gateway IP Address Activity status

----------------------- -----------------------

10.6.12.1 active

IP Address I/F Type

----------------------- ---------------------- ---------

10.6.12.20/24 Oob-eth 1 dhcp

The switch indicates the Telnet session status:

console> 01-Jan-2000 02:39:04 %MSCM-I-NEWTERM: New TELNET connection from 50.1.1.2

01Jan-2000 02:39:11 %MSCM-I-TERMTERMINATED: TELNET connection from 50.1.1.2 terminated

Enabling Web Access (HTTP Server)

  1. To prevent problems that may occur when using an HTTP proxy server, disable (uncheck) the proxy setting on the browser.

    1. In Microsoft Internet Explorer, click Tools Internet Options.

    1. Click the Connections tab and then click LAN Settings to display the Local Area Network (LAN) Settings window.

    2. Ensure that the Use a proxy server check box is cleared, and then click OK.

Figure 5-5. Local Area Network (LAN) Settings Window

    1. Click OK to close the Internet Options window.

  1. In the browser window enter the IP previously configured on the device (with or without http:// prefix).

Figure 5-6. Logging onto the Web Interface

The password authentication window is displayed.

  1. Enter the assigned user name and password.

The Dell OpenManage Switch Administrator is displayed.

NOTE: If no password is defined, any password is accepted.

Figure 5-7. Dell OpenManage Switch Administrator Page

Configuring Secure Management Access (HTTPS)

When managing the device securely via the standard Web browser the SSL (Secure Socket Layer) security protocol is used.

To manage the device securely via the standard Web browser, perform the following:

  1. Configure the switch to allow HTTPS server, and to create a security key, use the commands ip https server and crypto certificate generate key-generate:

console# configure

console(config)# ip https server

console(config)# crypto certificate generate key-generate

Generating RSA private key, 1024 bit long modulus

console(config)#

  1. Configure the management station the same as for a regular HTTP connection (see "Enabling Web Access (HTTP Server))".

  2. Connect to the device via HTTPS by typing the address https://<device IP address> in the browser window (https must be typed):

Figure 5-8. Logging Onto the Web Interface With a Secure Connection

The Security Alert window is displayed.

  1. Click Yes to confirm accept the security certification (if it is not authenticated by a third party).

  2. The Enter Network Password window is displayed.

  3. Enter the assigned user name and password.

The device Dell OpenManage Switch Administrator is displayed.


Startup Menu Functions

You can perform additional configuration from the Startup menu.

To display the Startup menu:

  1. During the boot process, after the first part of the POST is completed press <Esc> or <Enter> within two seconds after the following message is displayed:

Autoboot in 2 seconds -press RETURN or Esc.to abort and enter prom.

The Startup menu is displayed and contains the following configuration functions:

[1] Download Software

[2] Erase Flash File

[3] Erase Flash Sectors

[4] Password Recovery Procedure

[5] Enter Diagnostic Mode

[6] Back Enter your choice or press 'ESC' to exit:

The following sections describe the Startup menu options. If no selection is made within 25 seconds (default), the switch times out.

Only technical support personnel can operate the Diagnostics Mode. For this reason, the Enter Diagnostic Mode option of the Startup menu is not described in this guide.

Download Software

Use the software download option when a new software version must be downloaded to replace corrupted files, update, or upgrade the system software.

To download software from the Startup menu:

  1. On the Startup menu, press <1>.

The following prompt is displayed:

Downloading code using XMODEM

  1. When using HyperTerminal, click Transfer on the HyperTerminal menu bar.

  2. From the Transfer menu, click Send File.

The Send File window is displayed.

  1. Enter the file path for the file to be downloaded.

  2. Ensure the protocol is defined as Xmodem.

  3. Click Send.

The software is downloaded. Software downloading takes several minutes. The terminal emulation application, such as HyperTerminal, may display the progress of the loading process.

After software downloads, the device reboots automatically.

Erase FLASH File

In some cases, the device configuration must be erased. If the configuration is erased, all parameters configured via CLI, Web browser interface, or SNMP must be reconfigured.

To erase the device configuration:

  1. From the Startup menu, press <2> within 6 seconds to erase flash file.

The following message is displayed:

Warning! About to erase a Flash file.

Are you sure (Y/N)? y

  1. Press <Y>.

NOTE: Do not press <Enter>.

The following message is displayed.

Write Flash file name (Up to 8 characters, Enter for none.):config File config (if present) will be erased after system initialization

======== Press Enter To Continue ========

  1. Enter config as the name of the flash file.

The configuration is erased and the device reboots.

  1. Perform the switch's initial configuration.

Erase FLASH Sectors

For troubleshooting purposes, you may need to erase flash sectors. If the flash is erased, all software files must be downloaded and installed again.

To erase the FLASH:

  1. From the Startup menu, press <3> within 6 seconds.

The following message is displayed:

Enter your choice or press 'ESC' to exit:

Warning! About to erase flash!

FLASH size = 0x2060000. Sectors = 127

Are you sure (Y/N) ?

  1. Confirm by pressing <Y>.

The following message is displayed:

Enter First flash sector (1 - 127):

  1. Enter the first flash block to be erased and press <Enter>.

The value range is 1-127. The following message is displayed:

Enter Last flash sector (1 - 127):

  1. Enter the last flash block to be erased and press <Enter>.

  2. The following message is displayed:

Are you sure (Y/N)

  1. Confirm by pressing <Y>.

The following message is displayed:

Erasing flash blocks 1 - 127: Done.

Password Recovery

If a password is lost, use the Password Recovery option on the Startup menu. The procedure enables the user to enter the device once without a password.

To recover a lost password for the local terminal only:

  1. From the Startup menu, select [4] and press <Enter>.

The password is deleted.

  1. To ensure device security, reconfigure passwords for applicable management methods.


Out-of-Band Management Port

The out-of-band (OOB)management port is a 10/100-Mbps Ethernet port that can be used to connect directly to the switch to perform system administrator management functions. This port is regarded as a regular IP interface to the system, and all management interfaces are

available over this port.

No inband interfaces can be accessed via the OOB port. Similarly, the OOB port cannot be accessed via the inband ports. Because network management functionality can be performed using OOB, you should use the OOB port for all network management functions, including Web management; image, boot, and configuration download/upload; Telnet; SNMP management; and so forth.

Unlike the inband ports, OOB is not used for routing or switching purposes. Using the OOB port rather than an inband port for network management ensures that all inband Gigabit ports will be used only for bridging or routing user traffic. This completely separates management and user traffic.

The following sections contain examples of OOB commands.

Assigning Dynamic IP Addresses (on an OOB Port)

console#configure

console(config)#interface out-of-band-eth

console(config-oob)#ip address dhcp hostname dell

console(config-oob)#exit

console(config)#exit

console#

Assigning Static IP Addresses (on an OOB Port)

console>enable

console#configure

console(config)#interface out-of-band-eth

console(config-oob)#ip address 10.1.1.1 255.0.0.0

console(config-oob)#ip default-gateway 10.1.1.10

console(config-oob)#exit

console#

Assigning an IP Default Gateway (on an OOB Port)

console>

console>enable

console#configure

console(config)#interface out-of-band-eth

console(config-oob)#ip address 10.0.0.1 /8

console(config-oob)#ip default-gateway 10.1.1.1

console(config-oob)#exit

Ping via OOB

console#ping oob/10.6.12.25

Copy Image/Boot

copy tftp://oob/10.6.12.25/ves_115.dos image

copy tftp://oob/10.6.12.25/boot_013.rfb boot

Additional Information

For more information about configuring OOB, see "Configuring Out-Of-Band (OOB) Management Ports."


Back to Contents Page