Manuals / Sun Microsystems / Computer Equipment / Switch

Sun Microsystems CP3240 manual Secure Remote Access, SNMP Defaults, SSH and SSL/TLS Keys

Models: CP3240

1 131

Download 131 pages 18.57 Kb

Page 99

4.10.3.3SNMP Defaults

4.10.3.3SNMP Defaults

SNMP is enabled by default. The default read-only community string is public. The default read-write community string is private.

4.10.4Secure Remote Access

4.10.4.1SSH and SSL/TLS Keys

The switch supports SSH for a secure CLI console as well as SSL/TLS for secure HTTP. By default, SSH and SSL are disabled. The switch cannot generate its own keys. Keys must be generated on an external PC, and uploaded to the switch via TFTP. Once the keys are on the switch, SSH and HTTPS must be enabled to be used.

4.10.4.2Enabling SSH and SSL

First, the certifications and keys must be uploaded to the switch using a command such as the following:

copy tftp://<ip>/<file> <location>

Upload the following files to the switch:.

FileLocation

rsa1.key nvram:sshkey-rsa1

rsa2.key nvram:sshkey-rsa2

dsa.key nvram:sshkey-dsa

dh512.pem nvram:sslpem-dhweak

dh1024.pem nvram:sslpem-dhstrong

server.pem nvram:sslpem-server rootcert.pem nvram:sslpem-root

Enable secure access (SSH/Telnet) and disable non-secure access (SSL/HTTP).

ip ssh configure

Chapter 4 Configuring Switch Software 4-21

Image 99

Sun Microsystems CP3240 manual Secure Remote Access, SNMP Defaults, SSH and SSL/TLS Keys, Enabling SSH and SSL

Contents

Sun Netra CP3240 Switch Installation Guide Sun Microsystems, IncSeptember 2009, Revision A Please Recycle Please Recycle Page Preface 1. Getting Started Contents2. Overview vi Sun Netra CP3240 Switch Installation Guide SeptemberContents 3. Configuring Jumper Settingsviii Sun Netra CP3240 Switch Installation Guide September 4. Configuring Switch Software4.6 Boot Sequence A. Environment Specifications B. Connectorsx Sun Netra CP3240 Switch Installation Guide September Index-1 C. Datasheet ReferenceD. Agency Certifications Indexxii Sun Netra CP3240 Switch Installation Guide September Figures xiv Sun Netra CP3240 Switch Installation Guide September Tables Switch Configuration Jumper Settings2-27 TABLE A-1 TABLE B-12 10/100Base-TX RJ-45 Connector J13-2ndTABLE B-10 TABLE B-11xviii Sun Netra CP3240 Switch Installation Guide September Before You Read This Document Prefacexx Sun Netra CP3240 Switch Installation Guide September How This Document Is OrganizedTypographic Conventions Related Documentation http//docs.sun.com/app/docs/prod/cp3240.switch?l=en#hichttp//docs.sun.com/app/docs/prod/n900.srvr#hic Sun Welcomes Your Comments Third-Party Web Sitesxxiv Sun Netra CP3240 Switch Installation Guide September Getting Started 1.1.1.1 Hub Connectivity 1.1 System Requirements1.1.1 Connectivity 1.1.2 Electrical and EnvironmentalChapter 1 Getting Started 1.2 Unpacking 1.3 Handling Switches1.5 Jumper Options 1.4 ConnectorsCopper RTM 1.6 Switch and RTM FaceplatesFIGURE 1-1 Switch and RTM Faceplates Switch Faceplate1.6.3 Serial Management Port RJ-45 1.7 RTM Airflows1.6.1 Base 10/100/1000 Uplink Ports RJ-45 1.6.2 10/100 Management Port RJ-451.7.2 RTM Pressure Drop Versus Airflows Impedence Curves FIGURE 1-2 Netra CP3240H-RTM-CU Airflow PaFIGURE 1-3 Netra CP3240H-RTM-CU Airflow InchesH20 Netra CP3240H-RTM-OP Airflow Pa Netra CP3240H-RTM-OP Airflow InchesH20Chapter 1 Getting Started 1.8.1 Removing a Switch Set 1.8 Removing and Installing SwitchesFIGURE 1-6 Front Cable Management Bracket in Lower Position 1.8.1.1 Removing a Switch From the Front of the Server3. Disconnect all cables connected to the switch 1.8.1.2 Removing a Rear Transition Module for a Switch 1.8.2 Installing a Switch Set 1.8.2.1 Installing the Rear Transition Module for a Switch1.8.2.2 Installing a Switch 1.9.1 ATCA Board Status LEDs 1.9 Switch LEDs1.9.2 Hot-Swap LED Section 2.4, “Functional Diagrams and Port Maps” on page OverviewSection 2.1, “Features” on page Section 2.2, “Switch Components” on page2.1.1 General 2.1 Features2.1.2 Base Interface 2-4 Sun Netra CP3240 Switch Installation Guide September 2.1.3 Fabric Gigabit InterfaceSite 3 AMC.0 Mid-size, AMC.2 Type E1 2.1.4 AMC SitesSite 1 AMC.0 Mid-size, AMC.2 Type E1 Site 2 AMC.0 Mid-size, AMC.2 Type 5 and E12.2.3 Broadcom BCM5464R and BCM5461S 10/100/1000Base-T Ethernet PHY 2.2 Switch Components2.2.1 Broadcom StrataXGS 3 BCM56503 Ethernet Switch 2.2.2 Broadcom StrataXGS 3 BCM56800 Ethernet Switch2.2.5 Pigeon Point BMR-H8S-AMCc AdvancedTCA IPMI Subsystem 2.2.4 Freescale PowerQUICC II MPC8247 Communications Processor2.3 Protocols, RFCs, and MIBs Support 2.3.1 FASTPATH Switching2.3.1.2 System Facilities 2.3.1.1 Additional Layer 2 Functionality2.3.1.4 Routing MIBs 2.3.1.3 Switching MIBs2.3.2 FASTPATH Routing 2.3.3 FASTPATH Quality of Service 2.3.3.2 Access Control Lists ACLs2.3.3.1 DiffServ 2.3.3.3 Class of Service CoS 2.3.3.4 Quality of Service MIBs2.3.4 FASTPATH Multicast 2.3.4.1 Multicast MIBs 2.3.5 FASTPATH IPv6 Routing2.3.5.1 IPv6 Routing MIBs 2.3.6 FASTPATH Management2.3.6.3 Additional Management Features 2.3.6.1 SSL 3.0 and TLS2.3.6.2 SSH 1.5 and 2.4 Functional Diagrams and Port Maps 2.4.1 SwitchFIGURE 2-1 Switch Functional Block Diagram 2.4.2 Rear Transition Modules RTMs TABLE 2-1 Switch External PortsTABLE 2-2 Zone 3 RTM Ports FIGURE 2-2 Copper RTM Functional Block Diagram 2.4.2.1 Copper RTM2-20 Sun Netra CP3240 Switch Installation Guide September TABLE 2-3 Copper RTM External PortsTABLE 2-4 Copper RTM Port Restrictions FIGURE 2-3 Fiber Optic RTM Functional Block Diagram 2.4.2.2 Fiber Optic RTM2-22 Sun Netra CP3240 Switch Installation Guide September TABLE 2-5 Fiber Optic External RTM PortsTABLE 2-6 Fiber Optic RTM Port Restrictions FIGURE 2-4 Base Fabric Switch Subsystem 2.4.3 Base Fabric Switch SubsystemFIGURE 2-5 Expansion Fabric Switch Subsystem 2.4.4 Expansion Fabric Switch Subsystem2.4.5 AdvancedMC Sites FIGURE 2-6 AMC Port Map Diagram 2.4.5.1 AMC Port MapsTABLE 2-7 AMC Ethernet Port Availability 2-28 Sun Netra CP3240 Switch Installation Guide September Page TABLE 2-12 AMC Port Restrictions for Copper RTMs 2.4.5.2 AMC Module Support by Site2.4.5.3 AMC Port Restrictions for RTMs TABLE 2-11 AMC Modules by SiteConfiguring Jumper Settings Section 3.1, “Jumper Settings” on pageSection 3.2, “Jumper Locations” on page 3.1.1 P4 Cross-Connect Control 3.1 Jumper Settings3.1.2 P61-2 Fabric Zero Reset Configuration Word 3.1.3 P63-4 Base Zero Reset Configuration Word3.1.4 P81-2 Base Write Protect 3.1.7 P101-2 IPMC Reset 3.1.5 P83-4 Fabric Write Protect3.1.6 P9 IPMC Firmware Program 3.1.9 P111-2 Forced-Board Enable 3.1.10 P113-4 IPMC Board Reset3.1.8 P103-4 IPMC FWE 3.1.12 P13 Serial Direction 3.1.11 P121-2 and P12 3-4 EMI Ground to Logic Ground3.2 Jumper Locations FIGURE 3-1 shows the locations of the jumper settingsFIGURE 3-1 Switch Jumper Locations 3-8 Sun Netra CP3240 Switch Installation Guide September Configuring Switch Software 4.1.1 State Sensors 4.1 IPMI Firmware SensorsChapter 4 Configuring Switch Software The following tables lists the logic that drives these sensorsTABLE 4-3 IPMI Sensor Logic IPMI Thresold Sensors 4.1.2 Threshold Sensors4.2.1 uBoot Console 4.2 uBoot4.2.2 E-Keying Control in uBoot 4.2.3 Serial-Baud Rate Control in uBoot 4.3 Linux4.3.1 e-Keying 4.4 Serial Select 4.3.2 e-Keying Bypass4.3.3 ATCA LEDs 4.5.1 Changing Serial Location from UBoot 4.5 Serial Location4.5.2 Changing Serial Location from FASTPATH The following is an example of a boot sequence 4.6 Boot Sequence4.6.1 Boot Utility Menu 4.6.1.3 Erase Permanent Storage 4.6.1.1 Load Code Update Package using TFTP/FTP4.6.1.2 Erase Current Configuration 4.6.1.4 Select Boot Method4.8 Dual Firmware Images 4.7 Primary and Backup Flash4.8.1 Booting the Non-Active Image 4.6.1.5 Start Diagnostic Application4.9 Network Boot 4.8.2 Updating the Non-Active Image4.8.3 Fabric 1G/10G Auto-negotiation CODE EXAMPLE 4-5 Example Console Output 9. Press number 1 to boot the systemCODE EXAMPLE 4-5 Example Console Output Continued 4-16 Sun Netra CP3240 Switch Installation Guide SeptemberUser 4.10 FASTPATH 4.10.1 Management Options4.10.1.1 CLI TABLE 4-6 Basic CLI Commands 4.10.2 Basic CLI Commands4.10.3 Logins and Prompts 4.10.3.1 CLI Defaults4.10.3.2 Web Interface Defaults 4.10.4.2 Enabling SSH and SSL 4.10.4 Secure Remote Access4.10.3.3 SNMP Defaults 4.10.4.1 SSH and SSL/TLS Keys4.10.6 Port Ordering 4.10.5 Default SettingsTABLE 4-7 Port Order List Continued 4.11 Firmware Updates 4.11.2 Firmware Upgrades4.11.1 Firmware List 4.12.2 Backplane Ports Versus RTM Optical Ports 4.12 Fiber Optic RTM Configuration4.12.3 10G Configuration for RTM Optical Port 4.12.1 Module Support4.12.4 1G Configuration for RTM Optical Port configureauto-negotiate exit exit Environment Specifications A.1 Electrical and Environmental A.1.1 Absolute Maximum RatingsA.1.2 Normal Operating Ranges A.3.1 Board Dimensions and Weight A.2ReliabilityA.3 Mechanical A-4 Sun Netra CP3240 Switch Installation Guide September FIGURE A-1 PCB DimensionsConnectors TABLE B-1 Connector Assignments B.1 Connector AssignmentsFIGURE B-1 Connector Locations Topside B.2 Connector Locations TopsideFIGURE B-2 ATCA Zone 1 Connector J9 TABLE B-2 ATCA Zone 1 Connector J9 PinsTABLE B-3 ATCA Zone 2 P20 ZD Connector J5 ATCA Zone 2 P20 ZD Connector J5ATCA Zone 2 P21 ZD Connector J4 TABLE B-4 ATCA Zone 2 P21 ZD Connector J4B-6 Sun Netra CP3240 Switch Installation Guide September ATCA Zone 2 P21 ZD Connector J4ATCA Zone 2 P23 ZD Connector J2 ATCA Zone 2 P22 ZD Connector J3B-8 Sun Netra CP3240 Switch Installation Guide September TABLE B-6 ATCA Zone 2 P23 ZD Connector J2This connector is the Cisco/Intel pinout ATCA Zone 2 P24 ZD Connector J1B.8 Serial RJ-45 Connector J13 Top TABLE B-7 ATCA Zone 2 P24 ZD Connector J1B.9 Serial Cable TABLE B-11 10/100Base-TX RJ-45 Connector J13-2nd B.10 10/100/1000Base-T RJ-45 Connector J13 3rd, J13 BottomB.11 10/100Base-TX RJ-45 Connector J13 2nd TABLE B-10 10/100/1000Base-T RJ-45 Connector J13-3rd and BottomB.13 ATCA Zone 3 RTM Connector Top J8ATCA Zone 3 RTM Connector J7 B.12TABLE B-14 ATCA Zone 3 RTM Connector J6-Bottom ATCA Zone 3 RTM Connector J6B.14 BottomPICMG 3.1 AdvancedTCA Ethernet and Fibre Channel Datasheet ReferenceIEEE 802.3-2002 CDMA/CD Ethernet and Other IEEE 802.3/802.1 Documents PICMG 3.0 AdvancedTCAThis and other Freescale documents about the MPC8247 are available at Broadcom DatasheetsMPC8272 PowerQUICC II Family Reference Manual IETF RFCsAgency Certifications D.1 CE CertificationD.2 NEBS/ETSI D.3 Safety D.4 Emissions Test Regulations D.4.1 EN 50081-1 EmissionsD.4.2 EN 55024 Immunity D.5.1 D.4.1FCC USA D.5 Regulatory InformationD.5.2 Industry Canada Canada D-6 Sun Netra CP3240 Switch Installation Guide September LEDs switches R removing switches switches, rear transition cards Indexhandling cards, cautions I installing switches switches, rear transition cardsIndex-2 Sun Netra CP3240 Switch Installation Guide September