Fujitsu BX600 SB9 Remote Console Access, Configuration of SSH, Configure the SB9, Test the login

Page 38

White Paper Issue: October 2006 Integration of BX600 SB9 Switches in Cisco Networks

Page 38 / 47

Step 3: Test the SNMP configuration using your favorite SNMP management tool

The following tests have been done using NET-SNMP with SNMPv2:

C:\>snmpwalk -v 2c -c read 10.0.1.70 system SNMPv2-MIB::sysDescr.0 = STRING: FSC SwitchBlade SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.231

DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (26581200) 3 days, 1:50:12.00

SNMPv2-MIB::sysContact.0 = STRING: Test123

SNMPv2-MIB::sysName.0 = STRING: bx6-sb9-a

SNMPv2-MIB::sysLocation.0 = STRING: Team PCT

SNMPv2-MIB::sysServices.0 = INTEGER: 6

SNMPv2-MIB::sysORLastChange.0 = Timeticks: (500) 0:00:05.00

C:\>snmpget -v 2c -c write 10.0.1.70 sysContact.0

SNMPv2-MIB::sysContact.0 = STRING: Test123

C:\>snmpset -v 2c -c write 10.0.1.70 sysContact.0 s "SNMP v2c Write Test" SNMPv2-MIB::sysContact.0 = STRING: SNMP v2c Write Test

C:\>snmpget -v 2c -c write 10.0.1.70 sysContact.0

SNMPv2-MIB::sysContact.0 = STRING: SNMP v2c Write Test

C:\>snmpset -v 2c -c read 10.0.1.70 sysContact.0 s "SNMP v2c Read-Only Test" Error in packet.

Reason: noAccess

Failed object: SNMPv2-MIB::sysContact.0

4.3Remote Console Access

4.3.1 Introduction

In addition to the web interface, the SB9 supports three methods of accessing the command line interface:

Console access using console redirection of the management blade

Telnet access

SSH access

During the initial setup, console redirection is the only possible way of accessing the switch. Access using telnet or SSH will subsequently be more convenient.

4.3.2 Recommended Solution

Telnet is an unencrypted protocol, which means that not only the data but also the password is sent unencrypted over IP. For this reason most enterprise customers prefer not to use telnet. SSH encrypts not only the password but also the entire data traffic, and is the preferred protocol for remote console access.

We recommend you to enable SSH and disable telnet access to the switch.

4.3.3 Configuration of SSH

The following steps are necessary to enable SSH and disable telnet.

Step 1: Configure the SB9

Step 2: Test the login

Step 1: Configure the SB9

!SB9 ssh configuration

!Enable ssh

ip ssh

!Set the procol version 2 ip ssh protocol 2

!Disable telnet

line vty no sessions exit

Step 2: Test the login

One of the popular SSH clients is “putty” which is distributed under license from MIT.

C:\> putty bx6-sb9-b

login as: test-ro

test-ro @bx6-sb9-b's password:

(bx6-sb9-b) >

Page 37 Page 39
Image 38
Page 37 Page 39
Contents Switch Management Contents Introduction Switch ConnectivityBasic Multicast Services Page Introduction Auto Negotiation Recommended SolutionConfiguration Network problems Port AggregationSet up the port-channel Shut down the affected ports to avoid loopsBring up the affected ports Verify the operation of the port-channelsVlan Trunk between SB9 and Cisco Switch VLANs and TrunksDefine the VLANs Configure the port-channelsConfigure Vlan trunk Verify the Vlan trunk GvrpSpanning Tree Protocol Running ST P 802.1D with PVST+ on Vlan TrunksSB9 Running PVST+ on Vlan Trunks while disabling STP at the SB9Combining RAPID-PVST and 802.1w Rapid Spanning TreeCombining RAPID-PVST and 802.1w after failure of Po1 Configure the switches SB9 SwitchConfiguration with Vlan Trunks Network loopsPage Page Verify the configuration STPPage Configuration example Rstp without Vlan trunks Configuration without Vlan TrunksPage Mode Type State Role Enabled Forwarding Designated Disabled Enabled Disabled PC Mbr Manual forwarding Interface Access Port and NIC Configuration BX600 port mappingTypical access port configuration Configure the access ports of the switchesConfigure the Broadcom NIC Page Configure the Intel Adapter Page Select Switch Fault Tolerance and press Next Press Finish Configure a Link State Group Link StateEnable multicast routing and Igmp at the layer 3 switch Recommended solutionConfiguration Enable Igmp snooping at all Layer 2 switchesVlan Page Configure the SB9 for broadcast Sntp Configuration of syslog and SntpConfigure the SB9 for unicast Sntp Configure the SB9 for logging and syslogTest the configuration Configure SNMPv3 authentication Configuration of SnmpConfigure Snmp for SNMPv1 and SNMPv2c SnmpConfigure the SB9 Remote Console AccessConfiguration of SSH Test the loginPrepare the ACS Configuration of RadiusIntegration into Radius and TACACS+ Page Specify the user’s password and press Submit Test the login Configuration of Tacacs Page Configure the SB9 Cisco Discovery Protocol Configuration of CDPCheck the configuration Further information in the Internet Configuration of Port MonitoringPort Monitoring
Top Page Image Contents