HP 2500 manual Reading Intrusion Alerts and Resetting Alert Flags, How the Intrusion Log Operates

Page 162

Using Passwords, Port Security, and Authorized IP

Using Passwords, Port Security, and Authorized IP Managers To Protect Against Unauthorized Access

Configuring and Monitoring Port Security

To access the web-based Help provided for the switch, click on [?] in the web browser screen.

Reading Intrusion Alerts and Resetting Alert Flags

Notice of Security Violations

When the switch detects an intrusion on a port, it sets an “alert flag” for that port and makes the intrusion information available as described below. While the switch can detect additional intrusions for the same port, it does not list the next chronological intrusion for that port in the Intrusion Log until the alert flag for that port has been reset.

When a security violation occurs on a port configured for Port Security, the switch responds in the following ways to notify you:

The switch sets an alert flag for that port. This flag remains set until:

You use either the CLI, menu interface, or web browser interface to reset the flag.

The switch is reset to its factory default configuration.

The switch enables notification of the intrusion through the following means:

In the CLI:

The show intrusion-logcommand displays the Intrusion Log

The log command displays the Event Log

In the menu interface:

The Port Status screen includes a per-port intrusion alert

The Event Log includes per-port entries for security violations

In the web browser interface:

The Alert Log’s Status Overview window includes entries for per- port security violations

The Intrusion Log in the Security Intrusion Log window lists per- port security violation entries

In HP TopTools for Hubs & Switches via an SNMP trap sent to a net management station

How the Intrusion Log Operates

When the switch detects an intrusion attempt on a port, it enters a record of this event in the Intrusion Log. No further intrusion attempts on that port will appear in the Log until you acknowledge the earlier intrusion event by reset- ting the alert flag.

7-22

Image 162
Contents Hp procurve series 2500 switches Page HP ProCurve Switches 2512 Management and Configuration GuidePublication Number Use of This Guide and Other ProCurve Switch Documentation PrefacePreface Page Contents Using a Standalone Web Browser in a PC or Unix Workstation Tasks for Your First HP Web Browser Interface SessionGlobally Assigned IP Network Addresses Chapter Contents Overview ViiiWeb Configuring IP Authorized Managers Web Displaying and Configuring Port Security FeaturesMenu Viewing and Configuring IP Authorized Managers Operating and Troubleshooting NotesAdvanced Management Rmon and HP Extended Rmon Support Extended RmonVlan Support and the Default Vlan Another Stack Monitoring Stack StatusIgmp Operating Features Multimedia Traffic Control with IP Multicast Igmp10-8 10-9Using the Event Log To Identify Problem Sources Daylight Savings Time on HP ProCurve Switches Xvi Chapter Contents Selecting a Management InterfaceSelecting a Management Interface OverviewUnderstanding Management Interfaces Selecting a Management InterfaceEnables Telnet in-band access to the menu functionality Advantages of Using the Menu InterfaceMenu interface also provides access for Advantages of Using the Menu InterfaceCLI Usage Advantages of Using the CLIHP2512config# HP2512Advantages of Using the HP Web Browser Interface Advantages of Using the HP Web Browser InterfaceAdvantages of Using HP TopTools for Hubs & Switches Advantages of Using HP TopTools for Hubs & SwitchesInterface Selecting a Management Interface Using the Menu Interface Starting and Ending a Menu SessionScreen Structure and Navigation Using Configure these featuresUsing the Menu Interface Menu InterfaceStarting and Ending a Menu Session Menu Interaction with Other InterfacesStarting and Ending a Menu Session HP2512# menu Enter How To Start a Menu Interface SessionPassword ResultsHow To End a Menu Session and Exit from the Console Main Menu with Manager PrivilegesUsing the Menu Interface Main Menu Features Main Menu FeaturesUsing the Menu Interface Screen Structure and Navigation Screen Structure and NavigationHow To Navigate in the Menu Interface TaskActionsExample Showing How To Display Help Rebooting the Switch Rebooting the SwitchIndication of a Configuration Change Requiring a Reboot Reboot Switch optionMenu Features List Menu Features ListLogout Where To Go From Here Option Where To TurnUsing the Menu Interface Use Tab To Search for or Complete a Command Word Conventions for Command Option DisplaysDisplaying Help for an Individual Command Accessing the CLI Using the CLICLI commands are not case-sensitive Using the CLI Privilege Levels at LogonLocation, such as a locked wiring closet Privilege Level OperationOperator Privileges Manager Privileges HP2512 EnableHP2512config# vlan HP2512vlan-10# Manager promptPrivilege Level Hierarchy SetupEnable MenuHow To Move Between Levels Change in Levels Example of Prompt , Command, and ResultListing Commands and Command Options Listing Commands Available at Any Privilege Level? at the Operator level produces this listing Example of the Manager-Level Command Listing Typing ? at the Manager level produces this listingCommand Option Displays HP2512config# portTab HP2512config# port-securityExample of How To List the Options for a Specific Command Displaying CLI HelpExample of Context-Sensitive Command-List Help Interface CLIConfiguration Commands and the Context Configuration Modes HP2512# interface help Invalid input interface10. Context-Specific Commands Affecting Port Context HP2512eth-5-8# ?HP2512config# vlan HP2512vlan-100#HP2512vlan-100# ? CLI Control and Editing Using the HP Web Browser Interface Tasks for Your First HP Web Browser Interface SessionAgent Enabled parameter setting to No Using Using the HP Web Browser InterfaceHP Web Browser Interface General Features General FeaturesPlatform Entity and OS Version Minimum Recommended Web Browser Interface RequirementsPCs PCsUsing a Standalone Web Browser in a PC or Unix Workstation Enable Java and Enable JavaScript optionsUsing HP TopTools for Hubs & Switches HttpWindow displayed for the selected device, as shown in figure Example of Status Overview ScreenTasks for Your First HP Web Browser Interface Session Viewing the First Time Install WindowTasks for Your First HP Web Browser Interface Session HP Web BrowserCreating Usernames and Passwords in the Browser Interface Device Passwords Window StringUsing the Passwords Using the User NamesIf You Lose a Password Online Help for the HP Web Browser Interface Server URL onSupport/Mgmt URLs Feature Support/Mgmt URLs FeatureSupport URL Help and the Management Server URLIf Online Help Fails To Operate. Do one of the following How To Access Web Browser Interface Online Help Status Reporting Features Status Reporting FeaturesOverview Window Port Utilization and Status Displays Port Utilization10. Changing the Graph Area Scale 12. The Port Status Indicators and Legend Port StatusEach alert has the following fields of information Alert LogSorting the Alert Log Entries Alert The specific event identificationAlert Types Alert Strings and DescriptionsAlert String Alert Description Viewing Detail Views of Alert Log Entries Console interfaceStatus Bar Status Indicator KeyColor Switch Status BlueSetting Fault Detection Policy 16. The Fault Detection WindowUsing the HP Web Browser Interface Using Interface Access Console/Serial Link, Web IP Addressing Access, IP Configuration IP ConfigurationIP Configuration Features Feature Default MenuJust Want a Quick Start? HP2512# setupRemove it from the switch IP Addressing with Multiple VLANsIP Addressing in a Stacking Environment From the Main Menu, Select To Configure IP AddressingSwitch Configuration IP Configuration Following screenIP Commands Used in This Section Address Ip default-gateway Ip ttl No ip timepShow ip Syntax show ip HP2512config# ip ttl Configure the Optional Timep Server Web Configuring IP AddressingHow IP Addressing Affects Switch Operation Click on the Configuration tabNetwork DHCP/Bootp OperationFeatures Available Without an IP Address ServersAddress received via Dhcp or Bootp ReplyProcess immediately J2512switch Is the IP address to be assigned to the switch or VlanNetwork Preparations for Configuring DHCP/Bootp Globally Assigned IP Network Addresses CountryCompany Name/Address Interface Access Features Locked environmentMenu Modifying the Interface Access To Access the Interface Access ParametersSwitch Configuration System Information CLI Modifying the Interface Access Interface Access Commands Used in This SectionConfiguration will take effect To disable web browser accessTo re-enable web browser access Two parametersExample of Executing a Series of Console Commands Configuring InterfaceSystem Information System Information FeaturesAt last Power reset System InformationPress E for Edit. The cursor moves to the System Name field Menu Viewing and Configuring System InformationOn configuration options for these features Enter, then press S for Save and return to the Main MenuCLI Viewing and Configuring System Information System Information Commands Used in This SectionSystem information settings For example, to configure the age interval to seven minutes HP2512config# mac-age-timeHP2512config# time 1545 10/01/00 Web Configuring System ParametersFor example, to set the switch to 345 p.m. on October 1 Configure System Parameters in the Web Browser InterfaceConfiguring Interface Port Trunking Viewing Port Status and Configuring Port Parameters Port Status and ConfigurationFeaturesViewing port status Configuring ports 10/100TX Status and Parameters for Each Port Type Status or Description ParameterStatus or Description Trunking on Menu Viewing Port Status and Configuring Port ParametersUsing the Menu To Configure Ports From the Main Menu, SelectCLI Viewing Port Status and Configuring Port Parameters Port Status and Configuration CommandsShow interfaces Below Show interface config Interface Example of a Show Interface Command Listing Viewing Port Status and Configuring Port Parameters Web Viewing Port Status and Configuring Port Parameters Web browser interface Click on the Configuration tabClick on Port Configuration Port Trunking Viewing port trunks Configuring a static trunk None GroupPort Trunking Mbps LinksSwitch 2512 and 2524 Port Trunk Features and Operation T e U t i o n C P N o t eLacp passive Trunk Configuration MethodsHP2512config# Int e Trunk Types Used in Static and Dynamic Trunk GroupsSee Trunk Operation Using the FEC Option on Trunk Configuration ProtocolsSee Trunk Group Operation Using Lacp on Protocol Trunking OptionsGeneral Operating Rules for Port Trunks Monitor Port CLI To Configure Ports on Switch Configuration Port/Trunk SettingsExample of the Configuration for a Two-Port Trunk Group Using the CLI To View Port Trunks Trunk Status and Configuration CommandsShow trunks Below Show lacp Trunk Interface lacp Example of a Show Trunk Listing Without Specifying Ports Using the CLI To Configure a Static or Dynamic Trunk Group Trk1 Static Dyn1 Dynamic You can configure trunk group types as followsTrunk Type Trunk Group Membership Yes TrunkHP2512config# interface 5-6 lacp active Web Viewing Existing Port Trunk Groups HP2512config# no interface 1 lacpHP2512config# interface 1 lacp passive Click on Port StatusLacp trunk status include Trunk Group Operation Using LacpTrunk group Lacp Trunk TypesHP2512 show lacp Default Port OperationParticular switch, execute the following command in the CLI Lacp Port Status DataDisabled The port cannot carry traffic Lacp Notes and RestrictionsTrunk Group Operation Using the Trunk Option Trunk Operation Using the FEC OptionHow the Switch Lists Trunk Data Outbound Traffic Distribution Across Trunked Links11. Example of Port-Trunked Network Node a Node W Node B Node C Node Y Node D Node ZThrough Traffic Control Optimizing Port Usage CLI Port Security Command Options and Operation Using Passwords, Port Chapter ContentsOverview Using Password Security Password Features Default MenuLevel Actions Permitted Menu Setting Manager and Operator passwords To set a new password Continue Deletion of password protection? NoPassword below CLI Setting Manager and Operator PasswordsPassword Commands Used in This Section Syntax password manager operator no passwordWeb Configuring User Names and Passwords Click on Device PasswordsClick on the Security tab Basic Operation Configuring and Monitoring Port SecurityConfiguring Port Security Disabled Cast trafficConfiguring and Monitoring Port Security Blocking Unauthorized TrafficPlanning Port Security Trunk Group ExclusionConfiguring and Monitoring Port Security Commands CLI Port Security Command Options and OperationPort Security Commands Used in This Section Acquires and maintains authorized addressesPort Security Parameters Ethernet port-listAddress-limit integer Mac-address mac-addrClear-intrusion-flag CLI Displaying Current Port Security Settings Using the CLI To Display Port Security SettingsCLI Configuring Port Security Using Passwords, Port Security, and Authorized IP HP2512config# port-security 1 mac-address 0c0090-456456 U t i o n T e Web Displaying and Configuring Port Security Features Click on Port SecurityReading Intrusion Alerts and Resetting Alert Flags How the Intrusion Log OperatesKeeping the Intrusion Log Current by Resetting Alert Flags Example of Multiple Intrusion Log Entries for the Same PortType I Intrusion log to display the Intrusion Log Status and Counters Port StatusConfiguring and Monitoring Port Security List Intrusion Log content List Intrusion Alert statusClear Intrusion flags on all ports Using the Event Log To Find Intrusion Alerts Event Log lists port security intrusions asOperating Notes for Port Security Configuring and Monitoring Port Security Using IP Authorized Managers Authorized IP Manager FeaturesAccess Levels Using IP Authorized ManagersDefining Authorized Management Stations Overview of IP Mask Operation Masks onMenu Viewing and Configuring IP Authorized Managers Switch Configuration IP Authorized ManagersFrom the console Main Menu, select Authorized IP Managers Commands Used in This Section CLI Viewing and Configuring Authorized IP ManagersListing the Switch’s Current Authorized IP Managers IP MaskConfiguring IP Authorized Managers for the Switch HP2512config# ip authorized-managersBuilding IP Masks Web Configuring IP Authorized ManagersConfiguring One Station Per Authorized Manager IP Entry Address of the authorized manager you want to deleteAnalysis of IP Mask for Single-Station Entries Authorized 227 125Manager IP Port IP Analysis of IP Mask for Multiple-Station EntriesResults Operating and Troubleshooting NotesAdditional Examples for Authorizing Multiple Stations AuthorizedSecurity, and Authorized IP Using Passwords, Port Configuring for Network Management Applications Monitoring and Managing the SwitchManaging Switch Monitoring Configuring for Network Management ApplicationsSnmp Management Features Snmp Management FeaturesConfiguring for Snmp Access to the Switch Configuring for Snmp Access to SwitchSwitch Configuration Snmp Community Names HP Entity MIB entity.mibTo Restricted Snmp Communities Snmp Community FeaturesWrite access for the public community to Restricted To View, Edit, or Add Snmp CommunitiesSnmp Communities Screen Default Values Snmp Add or Edit ScreenListing Current Community Names and Values CLI Viewing and Configuring Community NamesCommunity Name Commands Used in This Section Community community-strConfiguring Identity Information Configuring Community Names and ValuesHP2512# show snmp-server public Regardless of the trap receiver configuration Trap Receivers and Authentication TrapsTrap Features Opotions are used with the snmp-server host commandTrap Receiver Commands Used in This Section CLI Configuring and Displaying Trap ReceiversUsing the CLI To List Current Snmp Trap Receivers Syntax show snmp-serverUsing the CLI To Enable Authentication Traps Configuring Trap ReceiversUsing the CLI To Enable Authentication Traps Advanced Management Rmon and HP Extended Rmon Support Extended RmonAdvanced Management Rmon and HP Extended Rmon Support MonitoringUsing the CLI To View Stack Status and Configure Stacking FeaturesConfiguring Advanced Features Configuring Advanced Features108 103105 109Overview HP ProCurve Stack Management Stacking Features Default MenuConfigure stacking Reduce the number of IP addresses needed in your networkHP ProCurve Switch 8000M HP ProCurve Switch 4000MWhich Devices Support Stacking? Components of HP ProCurve Stack Management General Stacking OperationStacking Definitions Operating Rules for Stacking General RulesNetwork Backbone Specific Rules IP Addr Optional Stack Name N/AOverview of Configuring and Bringing Up a Stack Stacking Configuration Guide No Manager password Or fewer stack members at the momentUse of System Name to Help Identify Individual Switches General Steps for Creating a StackConfiguring Advanced Features Default Stacking Menu Default Stack Configuration Screen Using the Menu To Manage a Candidate Switch Candidate Commander, Member, or Disabled Candidate Configuration Options in the Menu InterfaceParameter Default Setting Other Settings Stack State Seconds Range 1 to 300 secondsUsing the Commander To Manage The Stack You will then see the Stack Management screen Using the Commander’s Menu To Manually Add a Candidate to aTo add a Member, start at the Main Menu and select Stacking Stack Management10. Example of Candidate List in Stack Management Screen Stacking Stacking Status AllYou will then see the Stacking Status All screen Member MAC AddressesCommander Member listed14. Example of Selecting a Member for Removal from the Stack You will then see the Stack Access screen Stacking Stack AccessPress Return From the Main Menu of the switch you want to move, selectStacking Status All Features StackingMonitoring Stack Status Stack ConfigurationScreen Name Commander Member Candidate Stack Status EnvironmentsYou will then see the Commander’s Stacking Status screen Stacking Stacking Status This SwitchStacking Stacking Status All 19. Example of the Commander’s Stacking Status Screen You will then see the Member’s Stacking Status screenConfiguring Advanced You will then see the Candidate’s Stacking Status screenCLI Commands for Configuring Stacking on a Switch InterfaceUsed In Commander Only CLI Command Operation No stack memberManager password Commander’s CLIUsing the CLI To View Stack Status Viewing the Status of Candidates the Commander Has DetectedFeatures Configuring Advanced Viewing the Status of the Commander and Current MembersUsing the CLI To Configure a Commander Switch Commander Discovered 26. Example of the Commander’s Show Stack Screen with OnlyAdding to a Stack or Moving Switches Between Stacks Using the Commander’s CLI To Manually Add a Candidate to 28. Example of How To Determine Available Switch Numbers SNsHP 2512config# stack auto-join HP2512config# stack member 2 mac-address 0060b0-dfla00HP2512config# no stack auto-join CandidateUsing the Destination Commander CLI To Pull a Member from 31. Example of Pushing a Candidate Into a StackHP2524config# stack member 1 mac-address 0060b0-df1a00 32. Example of Stack Listing with Two Stacks in the SubnetMember Using the CLI To Remove a Member from a StackAccess to the Commander Or the MemberHP2512config# no stack member 3 mac-address 0030c1-7fc700 Using the Member’s CLI To Remove the Member from a StackNorth Seaconfig# no stack join 0030c1-7fec40 HP2512config# telnetMember Switch Snmp Management Station Access to Members Via the CommanderCommander Switch Snmp Community Operation in a StackUsing the CLI To Disable or Re-Enable Stacking Transmission IntervalSnmpget MIB variable 10.31.29.100 blue@sw2 Web Viewing and Configuring Stacking 38. Example of the Web Browser Interface for a CommanderStatus Messages Stacking screens and listings display these status messagesMessage Condition Action or Remedy Port-Based Virtual LANs Static VLANs Vlan Features Default MenuDisabled See Gvrp on VLANs Address would normally belong to the same Vlan39. Example of Routing Between VLANs via an External Router 40. Example of Overlapping VLANs Using the Same Server Overview of Using VLANs Vlan Support and the Default VlanWhich Vlan Is Primary? Per-Port Static Vlan Configuration Options Auto TaggedUntagged ForbidGeneral Steps for Using VLANs Switch Configuration Vlan Menu Vlan Support Menu Configuring Vlan ParametersTo Change Vlan Support Settings You will then see the following screenSpace bar to select from the existing options Gvrp onTo the Vlan Menu screen Switch Configuration Vlan Menu Vlan Names Adding or Editing Vlan Names802.1Q Vlan ID Name Switch Configuration Vlan Menu Vlan Port Assignment Adding or Changing a Vlan Port Assignment48. Example of Vlan Port Assignment Screen Untagged, or ForbidCLI Configuring Vlan Parameters 49. Example of Vlan Assignments for Specific PortsStatic-vlan vlan-id 9-67 Available if Gvrp enabled Vlan Commands Used in this Section9-67 Available if Gvrp enabled No tagged port-list No untagged port-list No forbid51. Example of Show Vlan for a Specific Static Vlan For example, to reconfigure the switch to allow 10 VLANs HP2512config# primary-vlanFor example, to make Vlan 22 the primary Vlan That static Vlan HP2512vlan-100# vlan defaultvlanCreating a New Static Vlan Changing the Vlan Context Level For example, to create a new static Vlan with a VIDHP2512config# static-vlan At the Vlan 100 context level, use Web Viewing and Configuring Vlan ParametersHP2512config# no vlan 100 tagged HP2512vlan-100# no taggedClick on Vlan Configuration Click on Add/Remove VLANs Vlan Tagging Information54. Example of Tagged and Untagged Vlan Port Assignments For the Red VID in switch Y Switch Switch Y Port Red Vlan Green VlanUntagged Tagged IP Interfaces Effect of VLANs on Other Switch FeaturesSpanning Tree Protocol Operation with VLANs To summarizeVlan MAC Addresses Port TrunksPort Monitoring Supported Vlan RestrictionsIP Host-Only Vlan to another VlanSymptoms of Duplicate MAC Addresses in Vlan Environments View Gvrp configuration On a GVRP-enabled switchGeneral Operation Vlan Advertising and Joining onSwitch E Gvrp On Switch D Gvrp OnSwitch C Gvrp On To allow tagged packets to pass throughPer-Port Options for Handling Gvrp Unknown VLANs Options for Handling Unknown Vlan Advertisements ModeControlling Vlan Behavior on Ports with Static VLANs Per-Port Static Vlan Options Gvrp ConfigurationPer-Port Options for Dynamic Vlan Advertising Joining Tagged or Untagged2 Auto2 Forbid2Dynamically joining other VLANs Gvrp and Vlan Access ControlPort-Leave From a Dynamic Vlan To generate advertisementsConfiguring Gvrp On a Switch Menu Viewing and Configuring GvrpPlanning for Gvrp Operation 60. The Vlan Support Screen Default Configuration CLI Viewing and Configuring Gvrp Gvrp Commands Used in This SectionShow gvrp Below Gvrp Unknown -vlans HP2512config# gvrp HP2512config# no gvrpHP2512config# interface 1-2 unknown-vlans block 64. Example of Listing Showing Dynamic VLANs VLAN-222 VLAN-33Web Viewing and Configuring Gvrp HP2512config# staticGvrp Operating Notes Configuring Advanced Multimedia Traffic Control with IP Multicast Igmp Igmp Features Default MenuView igmp configuration Multimedia Traffic Control with IP Multicast IgmpIgmp Operating Features IGMP. Refer to IP Configuration onAddress Information screen Igmp Commands Used in This Section CLI Configuring and Displaying IgmpIndicating whether querier functionality is enabled How Igmp Operates onIgmp configuration for a Igmp configuration for allVLANs on the switch Including per-port dataHP2512config# vlan 1 ip igmp HP2512config# no vlan 1 ip igmpHP2512vlan-1# ip igmp Configuring Per-Port Igmp Packet Control. Use this command Web Enabling or Disabling Igmp How Igmp OperatesRole of the Switch 67. The Advantage of Using Igmp 68. Isolating IP Multicast Traffic in a Network Interaction with Multicast Traffic/Security Filters Be flooded instead of filtered by the switchNumber of IP Multicast Addresses Allowed Per Vlan in which it is usedSTP Features Default Menu Spanning Tree Protocol STPCast storm that can bring down the network Menu Configuring STP Switch Configuration Spanning Tree Operation69. Example of the STP Configuration Screen Actions lineDefault configuration, STP appears as shown here CLI Configuring STPDefault STP Commands Used in This SectionHP2512config# spanning tree 10.General STP Operating Parameters11.Per-Port STP Parameters HP2512config# spanning tree maximum-age 30 hello-timeDefault See -11, above 107Web Enabling or Disabling STP How STP OperatesSTP Fast Mode 71. Example of Redundant Paths Between Two NodesSTP Operation with 802.1Q VLANs To Configure Fast Mode for a Switch PortHP2512config# spanning-tree ethernet 1-3,5 mode fast Ing network loops72. Example of Using a Trunked Link with STP and VLANs 112 Switch Operation Internet Group Management Protocol Igmp Status10-1 Analyzing Operation Ing. See Diagnostic Tools onMonitoring Switch Monitoring and Analyzing Switch Operation 10-210-3 Window under the Configuration tabStatus and Counters Data Interface PurposeMenu Access To Status and Counters Status and CountersGeneral System Information Menu AccessCLI Access 10-5Switch Management Address Information Monitoring Switch10-6 Port Status Web AccessStatus and Counters . . .3. Port Status Switch Operation Menu Displaying Port StatusParticular port or trunk Resetting counters Viewing Port and Trunk Group StatisticsFor all ports Menu Access to Port and Trunk Statistics To access this screen from the Main Menu, selectStatus and Counters Port Counters Mand provides traffic details for the port you specify CLI Access To Port and Trunk Group StatisticsWeb Browser Access To View Port and Trunk Group Statistics Click on Port CountersViewing the Switch’s MAC Address Tables 10-11To page through the listing, use Next page and Prev Menu Access to the MAC Address Views and SearchesStatus and Counters Address Table Enter MAC addressExample of Menu Indicating Located MAC Address Listing MAC Addresses for a Specific PortCLI Access for MAC Address Views and Searches To Find the Port On Which the Switch Learned a Specific MACMenu Access to STP Data Spanning Tree Protocol STP InformationStatus and Counters Spanning Tree Information CLI Access to STP Data HP2512 show spanning-tree10-16 Show Command Output 10-17Ports Switch uses the CLI to display the following Vlan statusVlan Information 10-18Listing the Vlan ID VID and Status for Specific Ports Listing Individual Vlan Status10-19 Web Browser Interface Status Information 10-20Port Monitoring Features Port Monitoring Features Default Menu10-21 Menu Configuring Port Monitoring Switch Configuration Network Monitoring PortTo monitor individual ports To monitor all ports in a VlanMonitoring and Analyzing CLI Configuring Port Monitoring Port Monitoring Commands Used in This SectionFor example, to assign port 12 as the monitoring port HP2512config# mirror-portHP2512config# no mirror-port To turn off port monitoringClick on Monitor Port Web Configuring Port MonitoringTo enable port monitoring Click on the Configuration tab Click on Apply ChangesTroubleshooting Menu Entering and Navigating in the Event Log11-1 Troubleshooting Troubleshooting Approaches Troubleshooting Approaches11-3 Browser or Console Access Problems Cannot access the web browser interfaceBrowser or Console Access Problems 11-5 Ip Invalid ARP source IP address on IP address General ProblemsUnusual Network Activity 11-6IGMP-Related Problems 11-7Timep or Gateway Problems Problems Related to Spanning-Tree Protocol STPStacking-Related Problems Switch Cannot Find the Timep Server or the ConfiguredWithin Same Outside Tagged Vlan VLAN-Related Problems11-9 Tagged Monitor11-10 Date Time System Module Using the Event Log To Identify Problem Sources08/05/98 105232 Ports Port 1 enabled 11-11From the Main Menu, select Event Log Menu Entering and Navigating in the Event LogEvent Log System Modules 11-12Event Log Control Keys HP2512 show logging -a systemDiagnostic Tools Diagnostic ToolsDiagnostic Features Ping and Link TestsWeb Executing Ping or Link Tests 11-15CLI Ping or Link Tests To halt a ping test before it concludes, press Ctrl C 11-1614.Example of Link Tests Troubleshooting 11-17Web Viewing the Configuration File Displaying the Configuration FileCLI Viewing the Configuration File Click on Configuration ReportDisplays the current command Currently running on the switchDisplays the switch shutdown Toggles the paging mode forRestoring the Factory-Default Configuration CLI Resetting to the Factory-Default ConfigurationClear/Reset Resetting to the Factory-Default Configuration Appendix Contents Model. See Transferring Switch Configurations on page A-10 Downloading an Operating System OSUsing Tftp To Download the OS File from a Server Downloading an Operating System OSMenu Tftp Download from a Server Console Main Menu, select Download OS to display this screenCLI Tftp Download from a Server Check the Firmware revision lineValidating and Writing System Software to Flash Using the SNMP-Based Software Update Utility Series 2500 Switch-to-Switch DownloadMenu Switch-to-Switch Download Menu Xmodem Download Using Xmodem to Download the OS File From a PCCLI Switch-To-Switch Download SyntaxCLI Xmodem Download from a PC or Unix Workstation HP2512 show systemTroubleshooting Tftp Downloads Troubleshooting Tftp DownloadsHP2512# show log tftp Transfer Features Default Menu Transferring Switch ConfigurationsTftp Retrieving a Configuration from a Remote Host Session in which the download was attemptedTftp Copying a Configuration to a Remote Host Syntax copy xmodem startup-config pc unix Appendix B Contents MAC Address ManagementMAC Address Management MAC Address Viewing Methods Feature Default MenuDetermining MAC Addresses Determining MAC AddressesAny additional VLANs configured on the switch Menu Viewing the Switch’s MAC AddressesBase switch default Vlan VID = Configured on the SwitchCLI Viewing the Port and Vlan MAC Addresses HP2512# walkmib ifPhysAddressSwitch Memory and Configuration Switch Memory and ConfigurationOverview of Configuration File Management Startup-Config FileHP2512config# write memory Any of the following actions reboots the switchHP2512config# interface ethernet 5 disable Overview of Configuration File ManagementUsing the CLI To Implement Configuration Changes Using the CLI To Implement Configuration ChangesHP2512config# interface e 5 speed-duplex auto-10 Syntax write memoryDo you want to save current configuration y/n? With the factory-default startup configurationSyntax erase startup-config ChangesChanges on page C-9 Using Save and Cancel in the Menu Interface CancelledMemory in the CLI before rebooting the switch Rebooting from the Menu Interface 73.The Reboot Switch Option in the Main MenuUsing the Web Browser Interface To Implement Configuration ChangesConfig file and the startup-config file Alaska 2524 2400M 224M Switches 2424MDaylight Savings Time on HP ProCurve Switches Canada and Continental USSouthern Hemisphere ProCurve SwitchesMiddle Europe and Portugal Western EuropeDaylight Savings Time on HP ProCurve Switches Page Index IndexSee FEC Garp Lacp See Igmp See Vlan See MIB See also IP VID Xmodem OS download … A-7 XNS …
Related manuals
Manual 8 pages 16.63 Kb Manual 188 pages 28.48 Kb Manual 188 pages 48.25 Kb Manual 8 pages 26.72 Kb Manual 118 pages 11.14 Kb Manual 14 pages 60.01 Kb Manual 154 pages 13.11 Kb Manual 149 pages 13.94 Kb Manual 152 pages 27.03 Kb Manual 11 pages 28.46 Kb Manual 154 pages 418 b