Nortel Networks 8600 User Manual

Nortel Ethernet Routing Switch 8600

Commissioning

Release: 5.0
Document Revision: 01.01

www.nortel.com

NN46205-319

.

323883-A Rev 01

Nortel Ethernet Routing Switch 8600
Release: 5.0
Publication: NN46205-319
Document status: Standard
Document release date: 30 May 2008

Copyright © 2008 Nortel Networks
All Rights Reserved.

Printed in Canada and the United States of America
LEGAL NOTICE

While the information in this document is believed to be accurate and reliable, except as otherwise expressly
agreed to in writing NORTEL PROVIDES THIS DOCUMENT "AS IS" WITHOUT WARRANTY OR CONDITION OF
ANY KIND, EITHER EXPRESS OR IMPLIED. The information and/or products described in this document are
subject to change without notice.

Nortel, the Nortel logo, and the Globemark are trademarks of Nortel Networks.

All other trademarks are the property of their respective owners.

.

.

Contents

Software license 7
New in this release 11

Features 11

Other changes 11

Introduction 13
Commissioning fundamentals 15

System connections 15

System logon 19

Setup utility 21
Secure and nonsecure protocols 25
Password encryption 26
Management port 26

Web management 29
Device Manager 29

3

NNCLI 11

Document changes 11

Terminal connection 16
Modem connection 16

hsecure mode 20

Static IP entry for the OOB network management interface 27

Commissioning 31

Commissioning tasks 31

Initial steps using Device Manager 33

Initial commissioning procedures 33
Editing system information 34
Configuring the date and time 37
Changing passwords 38

Initial steps using the CLI 41

Initial commissioning procedures 41
Job aid: Roadmap of initial CLI commands 43
Connecting a terminal 45

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

4

Connecting a modem 46

Procedure job aid: PPP file 49

Configuring the switch with the setup utility 54

Procedure job aid: setup utility prompts 54
Configuring system identification 60
Configuring the time zone 62
Configuring the date 63
Specifying the primary SF/CPU 64
Changing passwords 64
Resetting passwords 68

Initial steps using the NNCLI 69

Initial commissioning procedures 69
Job aid: Roadmap of initial NNCLI commands 71
Connecting a terminal 73
Connecting a modem 74

Procedure job aid: PPP file 77
Configuring the switch with the setup utility 81

Procedure job aid: setup utility prompts 82
Configuring system identification 87

Example of configuring system identification 89
Configuring the time zone 89
Configuring the date 91
Specifying the primary SF/CPU 91
Changing passwords 92

Remote connection configuration using Device Manager 95

Remote connection configuration procedures 95
Assigning an IP address to the management port 97
Assigning static routes to the management interface 97
Configuring SNMP settings for Device Manager access 99
Enabling the Web management interface 101

Remote connection configuration using the CLI 103

Remote connection configuration procedures 103
Job aid: Roadmap of remote connection CLI commands 105
Assigning an IP address to the management port 106
Assigning static routes to the management interface 107

Example of assigning a static route to the management interface 108
Enabling remote access services 108
Enabling the Web management interface 109
Configuring the remote host logon 110

Remote connection configuration using the NNCLI 113

Remote connection configuration procedures 113
Job aid: Roadmap of remote connection NNCLI commands 115

Copyright © 2008 Nortel Networks

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

.

Assigning an IP address to the management port 116
Assigning static routes to the management interface 117

Example of assigning a static route to the management interface 118
Enabling remote access services 118
Enabling the Web management interface 119
Configuring the remote host logon 120

Commissioning verification 123

Pinging an IP device 123
Using Telnet to log on to the device 124
Accessing the switch through the Web interface 124

Common procedures using Device Manager 127

Saving the configuration 127

Common procedures using the CLI 129

Saving the configuration 129

Common procedures using the NNCLI 131

Saving the configuration 131

5

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

6

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

.

Software license

This section contains the Nortel Networks software license.

Nortel Networks Inc. software license agreement

This Software License Agreement ("License Agreement") is between
you, the end-user ("Customer") and Nortel Networks Corporation and
its subsidiaries and affiliates ("Nortel Networks"). PLEASE READ THE
FOLLOWING CAREFULLY. YOU MUST ACCEPT THESE LICENSE
TERMS IN ORDER TO DOWNLOAD AND/OR USE THE SOFTWARE.
USE OF THE SOFTWARE CONSTITUTES YOUR ACCEPTANCE OF
THIS LICENSE AGREEMENT. If you do not accept these terms and
conditions, return the Software, unused and in the original shipping
container, within 30 days of purchase to obtain a credit for the full
purchase price.

"Software" is owned or licensed by Nortel Networks, its parent or one of
its subsidiaries or affiliates, and is copyrighted and licensed, not sold.
Software consists of machine-readable instructions, its components, data,
audio-visual content (such as images, text, recordings or pictures) and
related licensed materials including all whole or partial copies. Nortel
Networks grants you a license to use the Software only in the country
where you acquired the Software. You obtain no rights other than those
granted to you under this License Agreement. You are responsible for the
selection of the Software and for the installation of, use of, and results
obtained from the Software.

7

1. Licensed Use of Software. Nortel Networks grants Customer a

nonexclusive license to use a copy of the Software on only one machine
at any one time or to the extent of the activation or authorized usage level,
whichever is applicable. To the extent Software is furnished for use with
designated hardware or Customer furnished equipment ("CFE"), Customer
is granted a nonexclusive license to use Software only on such hardware
or CFE, as applicable. Software contains trade secrets and Customer
agrees to treat Software as confidential information using the same care
and discretion Customer uses with its own similar information that it does
not wish to disclose, publish or disseminate. Customer will ensure that
anyone who uses the Software does so only in compliance with the terms

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

8 Software license

of this Agreement. Customer shall not a) use, copy, modify, transfer
or distribute the Software except as expressly authorized; b) reverse
assemble, reverse compile, reverse engineer or otherwise translate the
Software; c) create derivative works or modifications unless expressly
authorized; or d) sublicense, rent or lease the Software. Licensors of
intellectual property to Nortel Networks are beneficiaries of this provision.
Upon termination or breach of the license by Customer or in the event
designated hardware or CFE is no longer in use, Customer will promptly
return the Software to Nortel Networks or certify its destruction. Nortel
Networks may audit by remote polling or other reasonable means to
determine Customer’s Software activation or usage levels. If suppliers of
third party software included in Software require Nortel Networks to include
additional or different terms, Customer agrees to abide by such terms
provided by Nortel Networks with respect to such third party software.

2. Warranty. Except as may be otherwise expressly agreed to in
writing between Nortel Networks and Customer, Software is provided
"AS IS" without any warranties (conditions) of any kind. NORTEL
NETWORKS DISCLAIMS ALL WARRANTIES (CONDITIONS) FOR THE
SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT
LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OF
NON-INFRINGEMENT. Nortel Networks is not obligated to provide support
of any kind for the Software. Some jurisdictions do not allow exclusion
of implied warranties, and, in such event, the above exclusions may not
apply.

3. Limitation of Remedies. IN NO EVENT SHALL NORTEL
NETWORKS OR ITS AGENTS OR SUPPLIERS BE LIABLE FOR ANY
OF THE FOLLOWING: a) DAMAGES BASED ON ANY THIRD PARTY
CLAIM; b) LOSS OF, OR DAMAGE TO, CUSTOMER’S RECORDS,
FILES OR DATA; OR c) DIRECT, INDIRECT, SPECIAL, INCIDENTAL,
PUNITIVE, OR CONSEQUENTIAL DAMAGES (INCLUDING LOST
PROFITS OR SAVINGS), WHETHER IN CONTRACT, TORT OR
OTHERWISE (INCLUDING NEGLIGENCE) ARISING OUT OF
YOUR USE OF THE SOFTWARE, EVEN IF NORTEL NETWORKS,
ITS AGENTS OR SUPPLIERS HAVE BEEN ADVISED OF THEIR
POSSIBILITY. The forgoing limitations of remedies also apply to any
developer and/or supplier of the Software. Such developer and/or supplier
is an intended beneficiary of this Section. Some jurisdictions do not allow
these limitations or exclusions and, in such event, they may not apply.

4. General

1. If Customer is the United States Government, the following paragraph

shall apply: All Nortel Networks Software available under this License
Agreement is commercial computer software and commercial computer

Copyright © 2008 Nortel Networks

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

.

Nortel Networks Inc. software license agreement 9

software documentation and, in the event Software is licensed for
or on behalf of the United States Government, the respective rights
to the software and software documentation are governed by Nortel
Networks standard commercial license in accordance with U.S. Federal
Regulations at 48 C.F.R. Sections 12.212 (for non-DoD entities) and
48 C.F.R. 227.7202 (for DoD entities).

2.

Customer may terminate the license at any time. Nortel Networks
may terminate the license if Customer fails to comply with the terms
and conditions of this license. In either event, upon termination,
Customer must either return the Software to Nortel Networks or certify
its destruction.

3.

Customer is responsible for payment of any taxes, including personal
property taxes, resulting from Customer’s use of the Software.
Customer agrees to comply with all applicable laws including all
applicable export and import laws and regulations.

4.

Neither party may bring an action, regardless of form, more than two
years after the cause of the action arose.

5.

The terms and conditions of this License Agreement form the complete
and exclusive agreement between Customer and Nortel Networks.

6.

This License Agreement is governed by the laws of the country in
which Customer acquires the Software. If the Software is acquired in
the United States, then this License Agreement is governed by the
laws of the state of New York.

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

10 Software license

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

.

New in this release

The following sections detail what’s new in Nortel Routing Switch 8600
Commissioning, NN46205-319 for Release 5.0:

•

“Features” (page 11)

•

“Other changes” (page 11)

Features

See the following sections for information about feature changes.

•

“NNCLI” (page 11)

NNCLI

In Release 5.0, you can use the new Nortel Command Line Interface
(NNCLI) to configure the switch. For more information about the NNCLI,
see the following sections:

11

•

“Initial steps using the NNCLI” (page 69)

•

“Remote connection configuration using the NNCLI” (page 113)

•

“Common procedures using the NNCLI” (page 131)

Other changes

See the following sections for information about changes that are not
feature-related.

• “Document changes” (page 11)

Document changes

Much of the content in this document is previously released as Getting
Started, 313189-F. All document titles in the Nortel Ethernet Routing
Switch 8600 suite are changed. For more information, see Nortel Ethernet
Routing Switch 8600 Documentation Roadmap, NN46205-103.

Copyright © 2008 Nortel Networks

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

.

12 New in this release

This document is restructured to align with Nortel Customer
Documentation Standards (NCDS).

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

.

Introduction

This guide provides procedures to commission the Nortel Ethernet Routing
Switch 8600.

Navigation

“Commissioning fundamentals” (page 15)

•

•

“Commissioning” (page 31)

• “Initial steps using Device Manager” (page 33)

•

“Initial steps using the CLI” (page 41)

• “Initial steps using the NNCLI” (page 69)

•

“Remote connection configuration using Device Manager” (page 95)

•

“Remote connection configuration using the CLI” (page 103)

•

“Remote connection configuration using the NNCLI” (page 113)

13

• “Commissioning verification” (page 123)

•

“Common procedures using Device Manager” (page 127)

•

“Common procedures using the CLI” (page 129)

•

“Common procedures using the NNCLI” (page 131)

Copyright © 2008 Nortel Networks

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

.

14 Introduction

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

.

Commissioning fundamentals

Commissioning follows hardware installation. Commissioning includes the
minimal, but essential, configuration steps to provide a default, starting
point configuration, set up a management interface, and establish basic
security on the node. For more information about configuring security, see
Nortel Ethernet Routing Switch 8600 Security, NN46205-601.

Navigation

“System connections” (page 15)

•

• “System logon” (page 19)

•

“Setup utility” (page 21)

•

“Secure and nonsecure protocols” (page 25)

•

“Password encryption” (page 26)

•

“Management port” (page 26)

15

•

“Web management” (page 29)

•

“Device Manager” (page 29)

System connections

Connect to the Switch Fabric/Central Processor Unit (SF/CPU) serial ports
using one of the following connections:

• “Terminal connection” (page 16)

• “Modem connection” (page 16)

Copyright © 2008 Nortel Networks

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

.

16 Commissioning fundamentals

Terminal connection

Connect the serial console interface (an RS-232 port) to a PC or terminal
to monitor and configure the switch. The port uses a DB-9 connector
that operates as data terminal equipment (DTE) or data communication
equipment (DCE). The default communication protocol settings for the
console port are:

• 9600 baud

• 8 data bits

• 1 stop bit

•

No parity

To use the console port, you need the following equipment:

•

A terminal or teletypewriter (TTY)-compatible terminal, or a portable

computer with a serial port and terminal-emulation software

•

An Underwriters Laboratories (UL)-listed straight-through or null
modem RS-232 cable with a female DB-9 connector for the console
port on the switch. The other end of the cable must use a connector
appropriate to the serial port on your computer or terminal. Most
computers or terminals use a male DB-25 connector. You can find a
null modem cable with the chassis.

You must shield the cable connected to the console port to comply with
emissions regulations and requirements.

Modem connection

You can access the switch through a modem connection to the Nortel
Ethernet Routing Switch 8600, 8691SF/CPU, or 8692SF/CPU modules.
Nortel recommends that you use the default settings for the modem port
for most modem installations.

To set up modem access, you must use a DTE-to-DCE cable (straight or
transmit cable) to connect the Nortel Ethernet Routing Switch 8600 to the
modem. The following table shows the DTE-to-DCE pin assignments.

Table 1
DTE-to-DCE straight-through pin assignments

Modem
DCE DB-9

pin number

Signal

Received data
(RXD)

Transmitted data
(TXD)

Switch
Pin

number

22 3

33 2

DCE DB-25
pin number

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

Table 1
DTE-to-DCE straight-through pin assignments (cont’d.)

System connections 17

Signal

Data terminal
ready (DTR)

Ground (GND)
Data set ready

(DSR)
Request to send

(RTS)
Clear to send

(CTS)

Switch
Pin

number

44 20

55 7
66 6

77

88

Modem
DCE DB-9

pin number

DCE DB-25
pin number

4

5

The default communication protocol settings for the modem port are:

• 9600 baud

•

8 data bits

• 1 stop bit

•

No parity

Because the modem port receives DSR and CTS signals before
transmitting, control lines are required in the cables. The modem port
supports no inbound flow control. The port does not turn on and turn off
control lines to indicate the input buffer is full.

To connect a modem to a Nortel Ethernet Routing Switch 8600, you can
configure the modem port first using another type of connection to the
command line interface (CLI) or Nortel Command Line Interface (NNCLI).

PPP modem connection

You can establish a PPP (Point-to-Point Protocol) link over serial
asynchronous lines. PC clients use this link to connect remotely to a
switch through a standard dial-up modem and the modem DTE port on the
primary switch SF/CPU. You must configure the connection on both the
remote client PC and the switch. The following figure shows a standard
PPP connection to the Nortel Ethernet Routing Switch 8600.

Copyright © 2008 Nortel Networks

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

.

18 Commissioning fundamentals

Figure 1
PPP configuration topology

When you configure the modem port on the switch to use PPP, you must
also specify a PPP file. The PPP file is a text document which includes
all additional PPP configuration parameters to include when the switch
reboots. Enter one configuration parameter on each line with any required
values.

You can configure the connection to use the Challenge-Handshake
Authentication Protocol (CHAP) or the Password Authentication Protocol
(PAP). Both protocols require a secrets file. The secrets file is a text
document which includes the list of all users authorized to use the modem
port. You must list one user on each line and include specific parameters.
The format for each user is client server password IP address. The
following list explains each option.

• client: the name of the user. This value is the logon name of the

authorized user. This value should be the name or ID of the user,
similar to a Windows or UNIX logon.

• server: the name of the remote device, which is often the dial-in server.

Use an asterisk (*) to indicate any server name is acceptable.

• password: the password for the user.

• IP address: the IP address associated with the user.

The value for the IP address depends on the desired configuration of the
modem. If all users must use the same IP address, you must specify
the same IP address for all users in the file and it must be the same IP
address that you configure as the peer-ip for the modem port. Configure
the IP settings on the client to obtain an IP address automatically.

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

If each user must use a different IP address, list each user with a different
IP address in the file. Configure the client IP settings to use a static IP
address that matches what you configure in the secrets file.

An example secrets file looks like the following:

long * long 47.133.223.200
william * william 47.133.223.200

System logon

After the switch boot sequence is complete, a Login prompt appears. The
following table shows the default values for logon and password for the
console and Telnet sessions.

Table 2
Access levels and default logon values

System logon 19

Access level Description

Read-only Permits view-only configuration and

status information. Is equivalent
to Simple Network Management
Protocol (SNMP) read-only
community access.

Layer 1 read/write View most switch configuration

and status information and change
physical port settings.

Layer 2 read/write View and change configuration

and status information for Layer 2
(bridging and switching) functions.

Layer 3 read/write
(8600 switches only)

Read/write View and change configuration and

Read/write/all Permits all the rights of Read/Write

View and change configuration and
status information for Layer 2 and
Layer 3 (routing) functions.

status information across the switch.
You cannot change security and
password settings. This access level
is equivalent to SNMP read/write
community access.

access and the ability to change
security settings, including the CLI
and Web-based management user
names and passwords and the SNMP
community strings.

Default
logon

ro ro

l1 l1

l2 l2

l3 l3

rw rw

rwa rwa

Default
password

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

20 Commissioning fundamentals

hsecure mode

The Nortel Ethernet Routing Switch 8600 supports a flag called high
secure (hsecure). hsecure introduces the following behaviors for the
password: 10-character enforcement, aging time, limitation of failed logon
attempts, and a protection mechanism to filter certain IP addresses.

After you enable the hsecure flag, the software enforces the 10-character
rule for all passwords. After you upgrade from a previous release, if the
password does not contain at least 10 characters, you must change your
password to the mandatory character length. This password must contain
a minimum of two uppercase characters, two lowercase characters, two
numbers, and two special characters.

Default passwords and community strings

If the switch boots in hsecure mode as a default factory setting, and you
have not configured a password, the default passwords are changed to
respect this rule. The following table describes the default passwords.

Table 3
Default setting passwords

User ID Default password

rwa rwarwarrwar
rw rwrwrwrwrw
ro rororororo
l3 l3l3l3l3l3
l2 l2l2l2l2l2
l1 l1l1l1l1l1
l4admin l4adminl4a
slbadmin slbadminsl
oper operoperop
l4oper l4operl4op
slboper slboperslb
ssladmin ssladminss

The following table describes the default community strings.

Table 4
Default community strings

User ID New community string

ro publiconly
l1
l2

privateonly
privateonly

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

Table 4
Default community strings (cont’d.)

User ID New community string

l3
rw privateonly
rwa secretonly

Aging enforcement

When you enable the hsecure flag, you can configure a duration after
which you must change your password. You configure the duration by
using the aging parameter.

For SNMP and FTP, after a password expires, access is denied. Before
you access the system, you must change a community string to a new
string consisting of more than eight characters.

Consider the following after you enable the hsecure flag:

• You cannot enable the Web server.

Setup utility 21

privateonly

Setup utility

•

You cannot enable the SSH password authentication.

Filtering mechanism

Beginning with Release 4.1, incorrect IP source addresses as network
or broadcast addresses are filtered at the virtual router interface. For
example, V1 has the network address 192.168.168.0/24.

This change is valid for all IP subnets, not only for /24 as mentioned in
the example. Source addresses 192.168.168.0 and 192.168.168.255 are
discarded.

You can filter addresses only if you enable the hsecure mode.

To optimize the function of the Nortel Ethernet Routing Switch 8600, you
can obtain a list of hardware modules. Because the latest modules provide
advanced features, they work in certain operation modes that previous
modules do not support. The setup utility monitors system requirements
and obtains the highest system performance.

Use the setup utility to configure your switch by responding to a series of
on-screen questions. The setup utility saves the information in the boot
and run-time configuration files. The saved information and files ensure

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

22 Commissioning fundamentals

the switch reboots in the desired operating mode. The setup utility also
provides error and warning messages to advise you of the ramifications of
certain hardware and software configurations.

For information about the supported operating modes, see Nortel Ethernet
Routing Switch 8600 Administration, NN46205-605.

The setup utility prompts you through the configuration process by asking
a series of questions. Answer each question or accept the default by
pressing Enter. Each question shows the default in brackets ([ ]) and the
acceptable parameter options in parenthesis.

After you run the setup utility, reboot the switch.
The following figures show sample output from the setup utility. This

example uses the default values.

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

Figure 2
Setup utility example one

Setup utility 23

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

24 Commissioning fundamentals

Figure 3
Setup utility example two

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

Figure 4
Setup utility example three

Secure and nonsecure protocols 25

Secure and nonsecure protocols

The following table describes the secure and nonsecure protocols the
Nortel Ethernet Routing Switch 8600 supports.

Nortel Ethernet Routing Switch 8600

NN46205-319 01.01 Standard

Copyright © 2008 Nortel Networks

.

Commissioning

30 May 2008

26 Commissioning fundamentals

Table 5
Secure and nonsecure protocols for IPv4

Nonsecure protocols

FTP and TFTP Disabled SCP Disabled

Telnet Disabled

SNMPv1, SNMPv2 Enabled

Rlogin Disabled Secure SHell (SSH) v1, v2 Disabled

Default
status

Equivalent secure protocols

Secure SHell (SSH) v1, v2
Nortel recommends that you use
SSHv2 instead of SSHv1.

SNMPv3
You must load the DES/AES image on
the switch to use SNMPv3.

No equivalent

Default
status

Disabled

Enabled

ATTENTION

HTTP Disabled

Nortel recommends that you do not
use this protocol due to the risk to
the security of your network.

Password encryption

Beginning in Release 4.1, the switch stores passwords in encrypted format
and no longer in the configuration file.

ATTENTION

If you load a configuration file saved prior to Release 3.7.6, saved passwords
from the configuration file are not recognized. If you boot the switch for the first
time with the software Release 3.7.6 or higher image, the switch resets the
password to default values and generates a log, which indicates the changes.

For security reasons, Nortel recommends that you configure the passwords to
values other than the factory defaults.

Management port

You must assign an IP address to the management port before you can
use it for out-of-band (OOB) management. In a switch with redundant
8691or 8692 modules, each management port uses a specific IP address.
In addition, you can create a virtual management port with an IP address
available to the master management module.

The master management module replies to all management requests
sent to the virtual IP address, and to requests sent to the management
port IP address. If the master management module fails and the backup
management module takes over, the virtual management port IP address
continues to provide management access to the switch.

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

Management port 27

The following lists provides configuration considerations.

•

You can configure the standby IP to a subnet other than that of the
master IP using Device Manager only. Attempts to do so using CLI or
NNCLI will generate a warning message.

• If you use Device Manager, you can configure the standby IP to a

different subnet than the master IP, and you do not receive a warning
message.

Static IP entry for the OOB network management interface

The following figure shows the OOB network management port default IP
assignment.

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

28 Commissioning fundamentals

Figure 5
OOB network management port default IP flowchart

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

The switch first checks for the file pcmboot.cfg, in Personal Computer
Memory Card International Association (PCMCIA). If not found, the switch
checks for the file boot.cfg in flash.

ATTENTION

If you use the boot configuration file from PCMCIA, you must rename the file to
pcmboot.cfg The boot.cfg file is no longer saved in PCMCIA. The file is saved
only in flash.

Web management

The Nortel Ethernet Routing Switch 8600 includes a Web management
interface you can use to monitor your switch through a Web browser from
anywhere on your network. The Web interface supports many of the same
monitoring features as the Device Manager software.

For information about configuration requirements and instructions to install
the help files, to enable the Web server using Device Manager, and to
access the Web interface, see Nortel Ethernet Routing Switch 8600 User
Interface Fundamentals, NN46205-308.

Device Manager 29

Device Manager

Device Manager is an SNMP-based graphical user interface (GUI) tool
designed to manage single devices. To use Device Manager, you must
connect to a management station running Device Manager in one of the
supported environments.

For information about Device Manager installation and startup, see

Nortel Ethernet Routing Switch 8600 User Interface Fundamentals,
NN46205-308.

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008

30 Commissioning fundamentals

Copyright © 2008 Nortel Networks

.

Nortel Ethernet Routing Switch 8600

Commissioning

NN46205-319 01.01 Standard

30 May 2008