Management and
Configuration Guide
www.procurve.com
ProCurve Switches
E.10.02 (Series 5300xl)
L.10.XX (Series 4200vl)
M.08.73 (Series 3400/6400cl)
6400cl
5300xl
4200vl
3400cl
ProCurve
Series 6400cl Switches
Series 5300xl Switches
Series 4200vl Switches
Series 3400cl Switches
October 2005
E.10.02 or Greater (5300xl)
L.10.01 or Greater (4200vl)
M.08.73 or Greater (3400/6400cl)
Management and Configuration Guide
© Copyright 2000-2005 Hewlett-Packard Development Company,
L.P. The information contained herein is subject to change without notice. All Rights Reserved.
This document contains proprietary information, which is
protected by copyright. No part of this document may be
photocopied, reproduced, or translated into another
language without the prior written consent of HewlettPackard.
Publication Number
5990-6050
October 2005
Applicable Products
ProCurve Switch 5308XL (J4819A)
ProCurve Switch 5372XL (J4848A)
ProCurve Switch 5348XL (J4849A)
ProCurve Switch 5304XL (J4850A)
ProCurve Switch 3400cl-24G (J4905A)
ProCurve Switch 3400cl-48G (J4906A)
ProCurve Switch 4204vl (J8770A)
ProCurve Switch 4208vl (J8773A)
ProCurve Switch 4202vl-72 (J8772A)
ProCurve Switch 4202vl-48G (J8771A)
ProCurve Switch 10G CX4 6400cl-6XG (J8433A)
ProCurve Switch 10G X2 6400cl-6XG (J8474A)
Trademark Credits
Microsoft, Windows, Windows 95, and Microsoft Windows
NT are US registered trademarks of Microsoft Corporation.
Internet Explorer is a trademark of Microsoft Corporation.
Ethernet is a registered trademark of Xerox Corporation.
Netscape is a registered trademark of Netscape Corporation.
Cisco® is a trademark of Cisco Systems, Inc.
Disclaimer
The information contained in this document is subject to
change without notice.
HEWLETT-PACKARD COMPANY MAKES NO WARRANTY
OF ANY KIND WITH REGARD TO THIS MATERIAL,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. Hewlett-Packard shall not
be liable for errors contained herein or for incidental or
consequential damages in connection with the furnishing,
performance, or use of this material.
The only warranties for HP products and services are set
forth in the express warranty statements accompanying
such products and services. Nothing herein should be
construed as constituting an additional warranty. HP shall
not be liable for technical or editorial errors or omissions
contained herein.
Hewlett-Packard assumes no responsibility for the use or
reliability of its software on equipment that is not furnished
by Hewlett-Packard.
Warranty
See the Customer Support/Warranty booklet included with
the product.
A copy of the specific warranty terms applicable to your
Hewlett-Packard products and replacement parts can be
obtained from your HP Sales and Service Office or
authorized dealer.
Hewlett-Packard Company
8000 Foothills Boulevard, m/s 5551
Roseville, California 95747-5551
http://www.procurve.com
Contents
Product Documentation
About Your Switch Manual Set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix
Feature Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix
1 Getting Started
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2
Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2
Feature Descriptions by Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2
Command Syntax Statements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3
Command Prompts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3
Screen Simulations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4
Port Identity Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4
Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4
Sources for More Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4
Getting Documentation From the Web . . . . . . . . . . . . . . . . . . . . . . . . . 1-6
Online Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-7
Need Only a Quick Start? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-8
IP Addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-8
To Set Up and Install the Switch in Your Network . . . . . . . . . . . . . . . 1-9
2 Selecting a Management Interface
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2
Understanding Management Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . 2-2
Advantages of Using the Menu Interface . . . . . . . . . . . . . . . . . . . . . . . . 2-3
Advantages of Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4
General Benefits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4
iii
Information on Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-5
Advantages of Using ProCurve Manager
Custom Login Banners for the Console and
Advantages of Using the Web Browser Interface . . . . . . . . . . . . . . . . 2-5
or ProCurve Manager Plus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-7
Web Browser Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-10
Banner Operation with Telnet, Serial, or SSHv2 Access . . . . . . . 2-11
Banner Operation with Web Browser Access . . . . . . . . . . . . . . . 2-11
Configuring and Displaying a Non-Default Banner . . . . . . . . . . . 2-11
Example of Configuring and Displaying a Banner . . . . . . . . . . . . 2-12
Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-15
3 Using the Menu Interface
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2
Starting and Ending a Menu Session . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3
How To Start a Menu Interface Session . . . . . . . . . . . . . . . . . . . . . . . . . 3-4
How To End a Menu Session and Exit from the Console: . . . . . . . . . . 3-5
Main Menu Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-7
Screen Structure and Navigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-9
Rebooting the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-12
Menu Features List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-14
Where To Go From Here . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-15
4 Using the Command Line Interface (CLI)
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2
Accessing the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2
Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2
Privilege Levels at Logon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3
Privilege Level Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4
Operator Privileges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4
Manager Privileges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-5
iv
How To Move Between Levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-7
Listing Commands and Command Options . . . . . . . . . . . . . . . . . . . . . . 4-8
Listing Commands Available at Any Privilege Level . . . . . . . . . . . 4-8
Listing Command Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-10
Displaying CLI “Help” . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-11
Configuration Commands and the Context Configuration Modes . . 4-13
CLI Control and Editing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-16
5 Using the Web Browser Interface
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1
Using ProCurve Manager (PCM) or
Security: Creating Usernames and Passwords
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2
General Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3
Starting an Web Browser Interface Session with the Switch . . . . . 5-4
Using a Standalone Web Browser in a PC or UNIX Workstation . . . . 5-4
ProCurve Manager Plus (PCM+) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-5
Tasks for Your First Web Browser Interface Session . . . . . . . . . . . . 5-7
Viewing the “First Time Install” Window . . . . . . . . . . . . . . . . . . . . . . . . 5-7
in the Browser Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-8
Entering a User Name and Password . . . . . . . . . . . . . . . . . . . . . . 5-10
Using a User Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-10
If You Lose the Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-10
Online Help for the Web Browser Interface . . . . . . . . . . . . . . . . . . . . 5-11
Support/Mgmt URLs Feature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-12
Support URL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-13
Help and the Management Server URL . . . . . . . . . . . . . . . . . . . . . . . . 5-13
Using the PCM Server for Switch Web HelpWeb Help . . . . . . . . . . . . 5-14
Status Reporting Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-16
The Overview Window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-16
The Port Utilization and Status Displays . . . . . . . . . . . . . . . . . . . . . . . 5-17
Port Utilization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-17
Port Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-19
The Alert Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-20
v
Sorting the Alert Log Entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-20
Alert Types and Detailed Views . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-21
The Status Bar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-22
Setting Fault Detection Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-24
6 Switch Memory and Configuration
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-1
Using the Menu and Web Browser Interfaces To Implement
Viewing the Startup-Config File Status with Multiple
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-2
Overview of Configuration File Management . . . . . . . . . . . . . . . . . . . 6-2
Using the CLI To Implement Configuration Changes . . . . . . . . . . . . 6-5
Configuration Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-8
Menu: Implementing Configuration Changes . . . . . . . . . . . . . . . . . . . . 6-8
Using Save and Cancel in the Menu Interface . . . . . . . . . . . . . . . . 6-9
Rebooting from the Menu Interface . . . . . . . . . . . . . . . . . . . . . . . 6-10
Web: Implementing Configuration Changes . . . . . . . . . . . . . . . . . . . . 6-11
Using Primary and Secondary Flash Image Options . . . . . . . . . . . . . 6-12
Displaying the Current Flash Image Data . . . . . . . . . . . . . . . . . . . . . . 6-12
Switch Software Downloads . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-14
Local Switch Software Replacement and Removal . . . . . . . . . . . . . . 6-15
Rebooting the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-17
Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-20
Multiple Configuration Files on 5300xl and 4200vl Switches . . . . 6-21
General Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-23
Transitioning to Multiple Configuration Files . . . . . . . . . . . . . . . . . . . 6-25
Listing and Displaying Startup-Config Files . . . . . . . . . . . . . . . . . . . . . 6-26
Configuration Enabled . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-26
Displaying the Content of A Specific Startup-Config File . . . . . . 6-28
Changing or Overriding the Reboot Configuration Policy . . . . . . . . . 6-28
Managing Startup-Config Files in the Switch . . . . . . . . . . . . . . . . . . . 6-30
Renaming an Existing Startup-Config File . . . . . . . . . . . . . . . . . . 6-31
Creating a New Startup-Config File . . . . . . . . . . . . . . . . . . . . . . . . 6-31
Erasing a Startup-Config File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-33
vi
Using the Clear + Reset Button Combination To Reset the
Switch to Its Default Configuration . . . . . . . . . . . . . . . . . . . . . . . . 6-34
Xmodem: Copying a Configuration File to a
Xmodem: Copying a Configuration from a Serially
Transferring Startup-Config Files To or From a Remote Server . . . . 6-36
TFTP: Copying a Configuration File to a Remote Host . . . . . . . . 6-36
TFTP: Copying a Configuration File from a Remote Host . . . . . 6-36
Serially Connected Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-37
Connected Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-37
Operating Notes for Multiple Configuration Files . . . . . . . . . . . . . . . 6-38
7 Interface Access and System Information
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2
Interface Access: Console/Serial Link, Web, and Inbound Telnet . 7-3
Menu: Modifying the Interface Access . . . . . . . . . . . . . . . . . . . . . . . . . . 7-4
CLI: Modifying the Interface Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-5
Denying Interface Access by Terminating Remote Management
Sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-8
System Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-9
Menu: Viewing and Configuring System Information . . . . . . . . . . . . . 7-10
CLI: Viewing and Configuring System Information . . . . . . . . . . . . . . 7-11
Web: Configuring System Parameters . . . . . . . . . . . . . . . . . . . . . . . . . 7-14
8 Configuring IP Addressing
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2
IP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2
Just Want a Quick Start with IP Addressing? . . . . . . . . . . . . . . . . . . . . 8-3
IP Addressing with Multiple VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-4
Menu: Configuring IP Address, Gateway, and Time-To-Live (TTL) . . 8-5
CLI: Configuring IP Address, Gateway, and Time-To-Live (TTL) . . . . 8-6
Web: Configuring IP Addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-10
How IP Addressing Affects Switch Operation . . . . . . . . . . . . . . . . . . . 8-11
vii
DHCP/Bootp Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-12
Network Preparations for Configuring DHCP/Bootp . . . . . . . . . 8-14
IP Preserve: Retaining VLAN-1 IP Addressing Across
Configuration File Downloads . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-15
Operating Rules for IP Preserve . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-15
Enabling IP Preserve . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-16
9 Time Protocols
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2
TimeP Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2
SNTP Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2
Selecting a Time Synchronization Protocol or Turning Off Time
Protocol Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-3
General Steps for Running a Time Protocol on the Switch: . . . . . . . . 9-3
Disabling Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-4
SNTP: Viewing, Selecting, and Configuring . . . . . . . . . . . . . . . . . . . . . 9-4
Menu: Viewing and Configuring SNTP . . . . . . . . . . . . . . . . . . . . . . . . . . 9-5
CLI: Viewing and Configuring SNTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-8
Viewing the Current SNTP Configuration . . . . . . . . . . . . . . . . . . . . 9-8
Configuring (Enabling or Disabling) the SNTP Mode . . . . . . . . . 9-10
TimeP: Viewing, Selecting, and Configuring . . . . . . . . . . . . . . . . . . . . 9-15
Menu: Viewing and Configuring TimeP . . . . . . . . . . . . . . . . . . . . . . . . 9-16
CLI: Viewing and Configuring TimeP . . . . . . . . . . . . . . . . . . . . . . . . . . 9-18
Viewing the Current TimeP Configuration . . . . . . . . . . . . . . . . . . 9-18
Configuring (Enabling or Disabling) the TimeP Mode . . . . . . . . 9-20
SNTP Unicast Time Polling with Multiple SNTP Servers . . . . . . . . 9-24
Address Prioritization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-24
Displaying All SNTP Server Addresses Configured on the Switch . . 9-25
Adding and Deleting SNTP Server Addresses . . . . . . . . . . . . . . . . . . . 9-25
Menu: Operation with Multiple SNTP Server Addresses Configured 9-27
SNTP Messages in the Event Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-27
viii
10 Port Status and Basic Configuration
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-2
Viewing Port Status and Configuring Port Parameters . . . . . . . . . . 10-2
Menu: Port Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-6
CLI: Viewing Port Status and Configuring Port Parameters . . . . . . . 10-8
Using the CLI To Enable or Disable Ports and
Configure Port Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-9
Enabling or Disabling Flow Control . . . . . . . . . . . . . . . . . . . . . . 10-11
Configuring a Broadcast Limit on the Switch . . . . . . . . . . . . . . 10-14
Configuring Auto-MDIX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-15
Web: Viewing Port Status and Configuring Port Parameters . . . . . 10-18
Using Friendly (Optional) Port Names . . . . . . . . . . . . . . . . . . . . . . . 10-19
Configuring and Operating Rules for Friendly Port Names . . . . . . . 10-19
Configuring Friendly Port Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-20
Displaying Friendly Port Names with Other Port Data . . . . . . . . . . 10-21
11 Power Over Ethernet (PoE) Operation
for the Series 5300xl Switches
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-1
PoE Operation on the Series 5300xl Switches . . . . . . . . . . . . . . . . . . 11-2
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2
PoE Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-3
Overview of Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-4
Related Publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-4
General PoE Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-5
Configuration Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-5
PD Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-6
Power Priority Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-8
Configuring PoE Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-10
Changing the PoE Port Priority Level . . . . . . . . . . . . . . . . . . . . . . . . . 11-10
Disabling or Re-Enabling PoE Port Operation . . . . . . . . . . . . . . . . . 11-11
Changing the Threshold for Generating a Power Notice . . . . . . . . . 11-11
Configuring Optional PoE Port Identifiers . . . . . . . . . . . . . . . . . . . . . 11-12
ix
12
Viewing PoE Configuration and Status . . . . . . . . . . . . . . . . . . . . . . . 11-15
Displaying the Switch’s Global PoE Power Status . . . . . . . . . . . . . . 11-15
Displaying an Overview of PoE Status on All Ports . . . . . . . . . . . . . 11-16
Displaying the PoE Status on Specific Ports . . . . . . . . . . . . . . . . . . . 11-17
Planning and Implementing a PoE Configuration . . . . . . . . . . . . . . 11-19
Assigning PoE Ports to VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-19
Applying Security Features to PoE Configurations . . . . . . . . . . . . . 11-19
Assigning Priority Policies to PoE Traffic . . . . . . . . . . . . . . . . . . . . . 11-20
Calculating the Maximum Load for an xl PoE Module . . . . . . . . . . . 11-21
PoE Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-22
PoE Event Log Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-23
“Informational” PoE Event-Log Messages . . . . . . . . . . . . . . . . . 11-23
“Warning” PoE Event-Log Messages . . . . . . . . . . . . . . . . . . . . . . 11-24
Access Controller xl Module for the Series 5300xl
Switches
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-1
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-3
General Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-3
Related Publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-3
Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-4
Access Controller xl Module Overview . . . . . . . . . . . . . . . . . . . . . . . . 12-5
Module Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-5
Using 5300xl Features with the Access Controller xl Module . . . 12-7
Routing Infrastructure Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-10
Using 5300xl Switch Network Address Translation with the ACM 12-11
The Role of VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-12
Client VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-12
Static VLAN Features Supported on Client VLANs . . . . . . . . . . 12-13
General Operating Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-14
Configuring the ACM on the Network . . . . . . . . . . . . . . . . . . . . . . . . 12-14
Configuring the Access Controller xl Module . . . . . . . . . . . . . . . . . 12-16
Configuring Downlink Client Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-16
x
Changing the VLAN-Base . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-18
Configuring Client VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-18
Configuring Uplink Network Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-19
Configuring the Uplink VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-19
ACM Configuration Commands Summary and Syntax . . . . . . . . . . 12-20
Configuration Context Command Syntax . . . . . . . . . . . . . . . . . . 12-20
Access Controller Context Command Syntax . . . . . . . . . . . . . . 12-22
Displaying Access Controller xl Status from the 5300xl CLI . . . 12-24
ACM Display Commands Summary and Syntax . . . . . . . . . . . . . . . . 12-24
Configuration Context Command Syntax . . . . . . . . . . . . . . . . . . 12-25
Access Controller Context Command Syntax . . . . . . . . . . . . . . 12-26
Managing the ACM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-27
Using the ACM’s Extended CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-27
Downloading New Software to the Module . . . . . . . . . . . . . . . . . . . . 12-30
Resetting the Module to Factory Defaults . . . . . . . . . . . . . . . . . . . . . 12-30
Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-31
BIOS POST Event Log Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-31
13 Port Trunking
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-2
Port Trunk Features and Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-4
Trunk Configuration Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-5
Menu: Viewing and Configuring a Static Trunk Group . . . . . . . . . . 13-9
CLI: Viewing and Configuring Port Trunk Groups . . . . . . . . . . . . . 13-11
Using the CLI To View Port Trunks . . . . . . . . . . . . . . . . . . . . . . . . . . 13-11
Using the CLI To Configure a Static or Dynamic Trunk Group . . . 13-14
Web: Viewing Existing Port Trunk Groups . . . . . . . . . . . . . . . . . . . . 13-17
Trunk Group Operation Using LACP . . . . . . . . . . . . . . . . . . . . . . . . . 13-18
Default Port Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-21
LACP Notes and Restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-22
Trunk Group Operation Using the “Trunk” Option . . . . . . . . . . . . 13-25
xi
14
How the Switch Lists Trunk Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-26
Outbound Traffic Distribution Across Trunked Links . . . . . . . . . 13-26
Port Traffic Controls
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-1
Overview
All-Traffic Rate-Limiting for the
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-3
5300xl, 3400cl and 6400cl Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-4
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-4
Rate-Limiting Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-5
Configuring Inbound Rate-Limiting . . . . . . . . . . . . . . . . . . . . . . . . 14-5
Displaying the Current Rate-Limit Configuration . . . . . . . . . . . . 14-6
Operating Notes for Rate-Limiting . . . . . . . . . . . . . . . . . . . . . . . . . 14-7
ICMP Rate-Limiting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-10
Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-10
Effect of ICMP Rate-Limiting . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-10
Operating Notes for ICMP Rate-Limiting . . . . . . . . . . . . . . . . . . 14-17
Guaranteed Minimum Bandwidth (GMB) on the Series 5300xl
Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-21
Configuring Guaranteed Minimum Bandwidth for
Displaying the Current Guaranteed Minimum Bandwidth
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-21
Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-21
GMB Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-21
Outbound Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-23
Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-25
GMB Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-26
Jumbo Packets on the Series
3400cl and Series 6400cl Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-27
Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-27
Operating Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-28
Configuring Jumbo Packet Operation . . . . . . . . . . . . . . . . . . . . . . . . 14-29
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-29
Viewing the Current Jumbo Configuration . . . . . . . . . . . . . . . . . 14-30
Enabling or Disabling Jumbo Traffic on a VLAN . . . . . . . . . . . . 14-32
xii
Operating Notes for Jumbo Traffic-Handling . . . . . . . . . . . . . . . . . . 14-32
Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-35
15 Configuring for Network Management Applications
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-1
Menu: Viewing and Configuring non-SNMP
Using SNMP Tools To Manage the Switch . . . . . . . . . . . . . . . . . . . . . . 15-3
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-3
SNMP Management Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-4
Configuring for SNMP Access to the Switch . . . . . . . . . . . . . . . . . . . . 15-4
Configuring for SNMP Version 3 Access to the Switch . . . . . . . . . . . 15-5
SNMP Version 3 Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-6
Enabling SNMPv3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-7
SNMPv3 Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-7
Group Access Levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-10
SNMPv3 Communities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-11
version 3 Communities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-13
CLI: Viewing and Configuring SNMP Community Names . . . . 15-14
SNMPv3 Notification and Traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-16
SNMPv1 and SNMPv2c Trap Features . . . . . . . . . . . . . . . . . . . . 15-18
CLI: Configuring and Displaying Trap Receivers . . . . . . . . . . . 15-19
Using the CLI To Enable Authentication Traps . . . . . . . . . . . . . 15-22
Advanced Management: RMON . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-22
LLDP (Link-Layer Discovery Protocol) . . . . . . . . . . . . . . . . . . . . . . . 15-24
Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-25
General LLDP Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-27
LLDP-MED . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-27
Packet Boundaries in a Network Topology . . . . . . . . . . . . . . . . . . . . 15-27
Configuration Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-28
Options for Reading LLDP Information Collected by the Switch . . 15-30
LLDP and LLDP-MED Standards Compatibility . . . . . . . . . . . . . . . . 15-31
LLDP Operating Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-31
LLDP Data Management on the Series 3400cl and 6400cl Switches 15-32
LLDP Neighbor Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-32
Configuring LLDP Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-33
xiii
Viewing the Current Configuration . . . . . . . . . . . . . . . . . . . . . . . 15-34
Changing the Minimum Interval for Successive Data Change
Configuring Support for Port Speed and Duplex
LLDP-MED (Media-Endpoint-Discovery) for the
Advertising Device Capability, Network Policy, PoE Status
Displaying Switch Information Available for Outbound
Configuring Global LLDP Packet Controls . . . . . . . . . . . . . . . . . 15-36
Configuring SNMP Notification Support . . . . . . . . . . . . . . . . . . . 15-40
Notifications for the Same Neighbor . . . . . . . . . . . . . . . . . . . . . . 15-40
Configuring Per-Port Transmit and Receive Modes . . . . . . . . . 15-41
Configuring Basic LLDP Per-Port Advertisement Content . . . . 15-41
Advertisements on the 5300xl and 4200vl Switches . . . . . . . . . 15-43
5300xl and 4200vl Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-44
LLDP-MED Topology Change Notification . . . . . . . . . . . . . . . . . 15-47
LLDP-MED Fast Start Control . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-49
and Location Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-49
Configuring Location Data for LLDP-MED Devices . . . . . . . . . 15-54
Displaying Advertisement Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-59
Advertisements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-60
Displaying LLDP Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-65
LLDP Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-67
LLDP and CDP Data Management . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-69
LLDP and CDP Neighbor Data . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-69
CDP Operation and Commands . . . . . . . . . . . . . . . . . . . . . . . . . . 15-71
A File Transfers
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-3
Downloading Switch Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-3
General Software Download Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-4
Using TFTP To Download Switch Software from a Server . . . . . . . . A-4
Menu: TFTP Download from a Server to Primary Flash . . . . . . . A-5
CLI: TFTP Download from a Server to Flash . . . . . . . . . . . . . . . . A-6
Using Secure Copy and SFTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-8
How It Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-9
The SCP/SFTP Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-9
xiv
Disable TFTP and Auto-TFTP for Enhanced Security . . . . . . . A-10
Command Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-12
Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-13
SCP/SFTP Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-13
Using Xmodem to Download Switch Software From a PC or UNIX
Workstation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-15
Menu: Xmodem Download to Primary Flash . . . . . . . . . . . . . . . A-15
CLI: Xmodem Download from a PC or UNIX Workstation to
Primary or Secondary Flash . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-16
Switch-to-Switch Download . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-17
Menu: Switch-to-Switch Download to Primary Flash . . . . . . . . A-17
CLI: Switch-To-Switch Downloads . . . . . . . . . . . . . . . . . . . . . . . A-18
Xmodem: Copying a Configuration File from the Switch to
Xmodem: Copying a Configuration File from a
Using PCM+ to Update Switch Software . . . . . . . . . . . . . . . . . . . . . . A-20
Troubleshooting TFTP Downloads . . . . . . . . . . . . . . . . . . . . . . . . . . . A-20
Transferring Switch Configurations and ACL Command Files . . A-21
TFTP: Copying a Configuration from a Remote Host . . . . . . . . A-22
TFTP: Copying a Configuration File to a Remote Host . . . . . . . A-23
TFTP: Uploading an ACL Command File from a TFTP Server A-23
a Serially Connected PC or UNIX Workstation . . . . . . . . . . . . . A-25
Serially Connected PC or UNIX Workstation . . . . . . . . . . . . . . . A-26
Copying Diagnostic Data to a Remote Host, PC, or
UNIX Workstation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-27
Copying Command Output to a Destination Device . . . . . . . . . A-28
Copying Event Log Output to a Destination Device . . . . . . . . . A-28
Copying Crash Data Content to a Destination Device . . . . . . . A-29
Copying Crash Log Data Content to a Destination Device . . . . A-30
B Monitoring and Analyzing Switch Operation
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-3
Status and Counters Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-4
Menu Access To Status and Counters . . . . . . . . . . . . . . . . . . . . . . . . . B-5
General System Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-5
xv
Menu Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-5
CLI Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-6
Switch Management Address Information . . . . . . . . . . . . . . . . . . . . . . B-6
Menu Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-6
CLI Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-7
Module Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-8
Menu: Displaying Port Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-8
CLI Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-8
Port Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-9
Menu: Displaying Port Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-9
CLI Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-9
Web Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-9
Viewing Port and Trunk Group Statistics and Flow Control Status B-10
Menu Access to Port and Trunk Statistics . . . . . . . . . . . . . . . . . B-11
CLI Access To Port and Trunk Group Statistics . . . . . . . . . . . . B-12
Web Browser Access To View Port and Trunk Group Statistics B-12
Viewing the Switch’s MAC Address Tables . . . . . . . . . . . . . . . . . . . . B-13
Menu Access to the MAC Address Views and Searches . . . . . . B-13
CLI Access for MAC Address Views and Searches . . . . . . . . . . B-16
Spanning Tree Protocol (STP) Information . . . . . . . . . . . . . . . . . . . . B-17
Menu Access to STP Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-17
CLI Access to STP Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-18
Internet Group Management Protocol (IGMP) Status . . . . . . . . . . . B-19
VLAN Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-20
Web Browser Interface Status Information . . . . . . . . . . . . . . . . . . . . B-22
Interface Monitoring Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-23
Menu: Configuring Port and Static Trunk Monitoring . . . . . . . . . . . B-24
CLI: Configuring Port, Mesh, and Static Trunk Monitoring . . . . . . . B-26
Web: Configuring Port Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . B-29
C Troubleshooting
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-3
Troubleshooting Approaches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-4
xvi
Browser or Telnet Access Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . C-5
Unusual Network Activity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-7
General Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-7
802.1Q Prioritization Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-8
ACL Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-8
IGMP-Related Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-12
LACP-Related Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-13
Mesh-Related Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-13
Port-Based Access Control (802.1x)-Related Problems . . . . . . . . . . C-14
QoS-Related Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-17
Radius-Related Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-17
Spanning-Tree Protocol (STP) and Fast-Uplink Problems . . . . . . . C-18
SSH-Related Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-19
TACACS-Related Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-21
TimeP, SNTP, or Gateway Problems . . . . . . . . . . . . . . . . . . . . . . . . . C-23
VLAN-Related Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-23
Using the Event Log To Identify Problem Sources . . . . . . . . . . . . . C-26
Menu: Entering and Navigating in the Event Log . . . . . . . . . . . . . . . C-28
CLI: Listing Events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-29
Reducing Duplicate Event Log and SNMP Trap Messages . . . . . . . C-30
Debug and Syslog Messaging Operation . . . . . . . . . . . . . . . . . . . . . . C-33
Debug Command Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-34
Debug Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-35
Debug Destinations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-37
Syslog Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-38
Viewing the Debug Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-39
Steps for Configuring Debug and Syslog Messaging . . . . . . . . . . . . . C-39
Operating Notes for Debug and Syslog . . . . . . . . . . . . . . . . . . . . . . . C-43
Diagnostic Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-44
Port Auto-Negotiation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-44
Ping and Link Tests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-44
Web: Executing Ping or Link Tests . . . . . . . . . . . . . . . . . . . . . . . C-46
CLI: Ping or Link Tests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-47
Displaying the Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-49
CLI: Viewing the Configuration File . . . . . . . . . . . . . . . . . . . . . . C-49
xvii
Web: Viewing the Configuration File . . . . . . . . . . . . . . . . . . . . . . C-49
Listing Switch Configuration and Operation Details . . . . . . . . . C-49
CLI Administrative and Troubleshooting Commands . . . . . . . . . . . C-51
Traceroute Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-52
Restoring the Factory-Default Configuration . . . . . . . . . . . . . . . . . C-55
CLI: Resetting to the Factory-Default Configuration . . . . . . . . C-55
Clear/Reset: Resetting to the Factory-Default Configuration . C-55
Restoring a Flash Image . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-56
D MAC Address Management
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . D-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . D-2
Determining MAC Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . D-3
Menu: Viewing the Switch’s MAC Addresses . . . . . . . . . . . . . . . . . . . . D-4
CLI: Viewing the Port and VLAN MAC Addresses . . . . . . . . . . . . . . . . D-5
Viewing the MAC Addresses of Connected Devices . . . . . . . . . . . . . D-8
E Daylight Savings Time on ProCurve Switches
Index
xviii
Product Documentation
About Your Switch Manual Set
The switch manual set includes the following documentation:
■ Read Me First—a printed guide shipped with your switch. Provides soft-
ware update information, product notes, and other information.
■ Installation and Getting Started Guide—a printed guide shipped with your
switch. This guide explains how to prepare for and perform the physical
installation and connect the switch to your network.
■ Management and Configuration Guide—included as a PDF file on the
Documentation CD. This guide describes how to configure, managed, and
monitor switch operation.
■ Advanced Traffic Management Guide—included as a PDF file on the
Documentation CD. This guide explains how to configure traffic management features such as STP, QoS, and IP routing.
■ Access Security Guide—included as a PDF file on the Documentation CD.
This guide explains how to configure access security features and user
authentication on the switch.
■ Release Notes—posted on the ProCurve Networking web site to provide
information on software updates. The release notes describe new features, fixes, and enhancements that become available between revisions
of the main product guide.
Note For the latest version of all ProCurve switch documentation, including
Release Notes covering recently added features, visit the ProCurve Networking web sit at http://www.procurve.com, click on Technical support, and then
click on Product manuals (all).
xix
Product Documentation
Feature Index
Feature Index
For the manual set supporting your switch model, the following feature index
indicates which manual to consult for information on a given software feature
and which switches support that feature.
Feature Management
and
Configuration
Advanced
Traffic
Management
Access
Security
Guide
Supported
on 5300xl
Supported
on 4200vl
Supported
on 3400cl/
6400cl
802.1Q VLAN Tagging X yes yes yes
802.1X Port-Based Priority X yes yes yes
802.1X Multiple Authenticated
Clients per port
X yes no yes
ACLs X yes no yes
AAA Authentication X yes yes yes
Authorized IP Managers X yes yes yes
Authorized Manager List (web,
telnet, TFTP)
X yes yes yes
Auto MDIX Configuration X yes yes yes
BOOTP X yes yes yes
Config File X yes yes yes
Console Access X yes yes yes
Copy Command X yes yes yes
CoS (Class of Service) X yes yes yes
Debug X yes yes yes
DHCP Configuration X yes yes yes
DHCP Option 82 X yes yes no
DHCP/Bootp Operation X yes yes yes
Diagnostic Tools X yes yes yes
Downloading Software X yes yes yes
xx
Product Documentation
Feature Index
Feature Management
and
Configuration
Advanced
Traffic
Management
Access
Security
Guide
Supported
on 5300xl
Supported
on 4200vl
Supported
on 3400cl/
6400cl
Eavesdrop Protection X yes yes no
Event Log
Factory Default Settings
X
X
yes
yes
yes
yes
yes
yes
Flow Control (802.3x) X yes yes yes
File Management X yes yes yes
File Transfers X yes yes yes
Friendly Port Names X yes yes yes
Guaranteed Minimum Bandwidth
(GMB)
X yes no yes
GVRP X yes yes yes
IGMP X yes yes yes
Delayed Group Flush X yes yes yes
Interface Access (Telnet, Console/
Serial, Web)
X yes yes yes
IP Addressing X yes yes yes
IP Routing X yes yes yes
Jumbos Support X yes no yes
LACP X yes yes yes
Link X yes yes yes
LLDP X yes yes yes
LLDP-Med X yes yes no
MAC Address Management X yes yes yes
MAC Lockdown X yes yes yes
MAC Lockout X yes yes yes
MAC-based Authentication X yes yes yes
MAC authentication RADIUS
support
X yes yes yes
Management VLAN X yes yes yes
xxi
Product Documentation
Feature Index
Feature Management
and
Configuration
Advanced
Traffic
Management
Access
Security
Guide
Supported
on 5300xl
Supported
on 4200vl
Supported
on 3400cl/
6400cl
Meshing
Monitoring and Analysis X
X yes
yes
no
yes
yes
yes
Multicast Filtering X yes no no
Multiple Configuration Files X yes yes yes
NAT X yes no yes
Network Management
Applications
X yes SNMP
only
SNMP
only
OpenView Device Management X yes yes yes
OSPF X yes no yes
Passwords X yes yes yes
Password Clear Protection X yes yes yes
PCM X yes yes yes
PIM Dense, Sparse X yes no no
Ping X yes yes yes
Port Configuration X yes yes yes
Port Monitoring X yes yes yes
Port Security X yes yes yes
Port Status X yes yes yes
Port Trunking (LACP) X yes yes yes
Port-Based Access Control X yes yes yes
Port-Based Priority (802.1Q) X yes yes yes
Power over Ethernet (PoE) X yes no no
Protocol Filters X yes no no
Protocol VLANS X yes no yes
Quality of Service (QoS) X yes yes yes
RADIUS Authentication and
Accounting
X yes yes yes
Rate-limiting X yes no yes
xxii
Product Documentation
Feature Index
Feature Management
and
Configuration
Advanced
Traffic
Management
Access
Security
Guide
Supported
on 5300xl
Supported
on 4200vl
Supported
on 3400cl/
6400cl
RIP
RMON 1,2,3,9 X
X yes
yes
no
yes
yes
yes
Routing X yes yes yes
Routing - IP Static X yes yes yes
Secure Copy X yes yes yes
SFLOW yes yes yes
SFTP X yes yes yes
SNMPv3 X yes yes yes
Software Downloads (SCP/SFTP,
TFTP, Xmodem)
X X yes yes yes
Source-Port Filters X yes yes yes
Spanning Tree (STP, RSTP, MSTP) X yes yes yes
SSHv2 (Secure Shell) Encryption X yes yes yes
SSL (Secure Socket Layer) X yes yes yes
Stack Management (Stacking) X no yes yes
Syslog X yes yes yes
System Information X yes yes yes
TACACS+ Authentication X yes yes yes
Telnet Access X yes yes yes
TFTP X yes yes yes
Time Protocols (TimeP, SNTP) X yes yes yes
Traffic/Security Filters X yes yes yes
Troubleshooting X yes yes yes
UDP Forwarder X yes yes yes
Virtual Stacking X no yes yes
Virus Throttling (connection-rate
filtering)
X yes no no
VLANs X yes yes yes
xxiii
Product Documentation
Feature Index
Feature Management
and
Configuration
Advanced
Traffic
Management
Access
Security
Guide
Supported
on 5300xl
Supported
on 4200vl
Supported
on 3400cl/
6400cl
VLAN Mirroring (1 static VLAN) X yes yes no
Voice VLAN X yes yes yes
Web Authentication RADIUS X yes yes yes
Support
Web-based Authentication X yes yes yes
Web UI X yes yes yes
Xmodem X yes yes yes
XRRP X yes no yes
xxiv
1
Getting Started
Contents
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2
Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2
Feature Descriptions by Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2
Command Syntax Statements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3
Command Prompts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3
Screen Simulations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4
Port Identity Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4
Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4
Sources for More Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4
Getting Documentation From the Web . . . . . . . . . . . . . . . . . . . . . . . . . 1-6
Online Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-7
Need Only a Quick Start? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-8
IP Addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-8
To Set Up and Install the Switch in Your Network . . . . . . . . . . . . . . . 1-9
1-1
Getting Started
Introduction
Introduction
This Management and Configuration Guide is intended for use with the
following switches:
■ ProCurve Switch 10G CX4 ■ ProCurve Switch 10G X2
6400cl-6xg 6400cl-6xg
■ ProCurve Switch 5304xl ■ ProCurve Switch 5348xl
■ ProCurve Switch 5308xl ■ ProCurve Switch 5372xl
■ ProCurve Switch 4204vl ■ ProCurve Switch 4208vl
■ ProCurve Switch 4202vl-48G ■ ProCurve Switch 4202vl-72
■ ProCurve Switch 3400cl-24G ■ ProCurve Switch 3400cl-48G
This guide describes how to use the command line interface (CLI), Menu
interface, and web browser to configure, manage, monitor, and troubleshoot
switch operation.
For an overview of other product documentation for the above switches, refer
to “Product Documentation” on page xix.
The Product Documentation CD-ROM shipped with the switch includes a
copy of this guide. You can also download a copy from the ProCurve Networking web site, http://www.procurve.com.
Conventions
This guide uses the following conventions for command syntax and displayed
information.
Feature Descriptions by Model
In cases where a software feature is not available in all of the switch models
covered by this guide, the section heading specifically indicates which product
or product series offer the feature.
For example, (the switch is highlighted here in bold italics):
“QoS Pass-Through Mode on the Series 5300xl and 4200vl Switches”.
1-2
Getting Started
Conventions
Command Syntax Statements
Syntax: ip < default-gateway < ip-addr >> | routing >
Syntax: show interfaces [port-list ]
■ Vertical bars ( | ) separate alternative, mutually exclusive elements.
■ Square brackets ( [ ] ) indicate optional elements.
■ Braces ( < > ) enclose required elements.
■ Braces within square brackets ( [ < > ] ) indicate a required element within
an optional choice.
■ Boldface indicates use of a CLI command, part of a CLI command syntax,
or other displayed element in general text. For example:
“Use the copy tftp command to download the key from a TFTP server.”
■ Italics indicate variables for which you must supply a value when execut-
ing the command. For example, in this command syntax, you must provide
one or more port numbers:
Syntax: aaa port-access authenticator < port-list >
Command Prompts
In the default configuration, your switch displays one of the following CLI
prompts:
ProCurve 6400cl#
ProCurve 5304xl#
ProCurve 5308xl#
ProCurve 4204vl#
ProCurve 4208vl#
ProCurve 3400-24cl#
ProCurve 3400-48cl#
To simplify recognition, this guide uses ProCurve to represent command
prompts for all models. For example:
ProCurve#
(You can use the hostname command to change the text in the CLI prompt.)
1-3
Getting Started
Sources for More Information
Screen Simulations
Displayed Text. Figures containing simulated screen text and command
output look like this:
ProCurve> show version
Image stamp: /sw/code/build/info
September 30 2005 13:43:13
E.08.22
139
ProCurve>
Figure 1-1. Example of a Figure Showing a Simulated Screen
In some cases, brief command-output sequences appear without figure identification. For example:
ProCurve(config)# clear public-key
ProCurve(config)# show ip client-public-key
show_client_public_key: cannot stat keyfile
Port Identity Examples
This guide describes software applicable to both chassis-based and stackable
ProCurve switches. Where port identities are needed in an example, this guide
uses the chassis-based port identity system, such as “A1, “B3-B5”, “C7”, etc.
However, unless otherwise noted, such examples apply equally to the stackable switches, which typically use only numbers, such as “1”, “3-5”, “15”, etc.
for port identities.
Keys
Simulations of actual keys use a bold, sans-serif typeface with square brackets.
For example, the Tab key appears as
[Tab] and the “Y” key appears as [Y].
Sources for More Information
For additional information about switch operation and features not covered
in this guide, consult the following sources:
■ For information on which product manual to consult on a given software
feature, refer to the chapter “Product Documentation”.
1-4
Getting Started
Sources for More Information
Note For the latest version of all ProCurve switch documentation, including
Release Notes covering recently added features, visit the ProCurve Networking web site at http://www.procurve.com, click on Technical support, and
then click on Product Manuals (all).
■ Software Release Notes—Release notes are posted on the ProCurve
Networking web site and provide information on new software updates:
• New features and how to configure and use them
• Software management, including downloading software to the switch
• Software fixes addressed in current and previous releases
To view and download a copy of the latest software release notes for your
switch, refer to “Getting Documentation From the Web” on page 1-6.
■ Product Notes and Software Update Information—The printed Read Me
First shipped with your switch provides software update information,
product notes, and other information. For the latest version, refer to
“Getting Documentation From the Web” on page 1-6.
■ Installation and Getting Started Guide—Use the Installation and Getting
Started Guide shipped with your switch to prepare for and perform the
physical installation. This guide also steps you through connecting the
switch to your network and assigning IP addressing, as well as describing
the LED indications for correct operation and trouble analysis. A PDF
version of this guide is also provided on the Product Documentation CD-
ROM shipped with the switch. And you can download a copy from the
ProCurve Networking web site. (See “Getting Documentation From the
Web” on page 1-6.)
■ Advanced Traffic Management Guide—Use the Advanced Traffic Man-
agement Guide for information on:
• VLANs: Static port-based and protocol VLANs, and dynamic GVRP
VLANs
• Multicast traffic control (IGMP) and Protocol-Independent Multicast
routing (PIM-DM)
• Spanning-Tree: 802.1D (STP), 802.1w (RSTP), and 802.1s (MSTP)
• Meshing
• Quality-of-Service (QoS)
• Access Control Lists (ACLs)
• IP routing
• Static NAT for intranet applications (Series 5300xl switches only)
• XRRP (XL Router Redundancy Protocol)
1-5
Getting Started
Sources for More Information
■ Access Security Guide—Use the Access Security Guide for information
on:
• Local username and password security
• Web-Based and MAC-based authentication
• RADIUS and TACACS+ authentication
• SSH (Secure Shell) and SSL (Secure Socket Layer) operation
• 802.1x port-based access control
• Port security operation with MAC-based control
• Authorized IP Manager security
• Key Management System (KMS)
Getting Documentation From the Web
1. Go to the ProCurve Networking web site at
http://www.procurve.com
2. Click on Technical support.
3. Click on Product manuals (all).
4. Click on the product for which you want to view or download a manual.
Figure 1-2. Example of How to Locate Product Manuals on the ProCurve
Networking Web Site
1-6
Getting Started
Sources for More Information
Figure 1-3. Listing of ProCurve Manuals on the ProCurve Networking Web Site
Online Help
If you need information on specific parameters in the menu interface, refer to
the online help provided in the interface. For example:
Online Help
for Menu
If you need information on a specific command in the CLI, type the command
name followed by “help”. For example:
1-7
Getting Started
Need Only a Quick Start?
If you need information on specific features in the web browser interface, use
the online help available for the web browser interface. For more information
on web browser Help options, refer to “Online Help for the Web Browser
Interface” on page 5-11.
If you need further information on ProCurve switch technology, visit the
ProCurve Networking web site at:
http://www.procurve.com
Need Only a Quick Start?
IP Addressing
If you just want to give the switch an IP address so that it can communicate
on your network, or if you are not using VLANs, HP recommends that you use
the Switch Setup screen to quickly configure IP addressing. To do so, do one
of the following:
■ Enter setup at the CLI Manager level prompt.
Procurve# setup
■ In the Main Menu of the Menu interface, select
8. Run Setup
For more on using the Switch Setup screen, see the Installation and Getting
Started Guide you received with the switch.
1-8
Getting Started
To Set Up and Install the Switch in Your Network
To Set Up and Install the Switch in Your
Network
Use the ProCurve Installation and Getting Started Guide (shipped with the
switch) for the following:
■ Notes, cautions, and warnings related to installing and using the switch
and its related modules
■ Instructions for physically installing the switch in your network
■ Quickly assigning an IP address and subnet mask, set a Manager pass-
word, and (optionally) configure other basic features.
■ Interpreting LED behavior.
For the latest version of the Installation and Getting Started Guide for your
switch, refer to “Getting Documentation From the Web” on page 1-6.
1-9
Getting Started
To Set Up and Install the Switch in Your Network
— This page unused intentionally—
1-10
2
Selecting a Management Interface
Contents
Selecting a Management Interface
Contents
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2
Advantages of Using ProCurve Manager
Custom Login Banners for the Console and
Understanding Management Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . 2-2
Advantages of Using the Menu Interface . . . . . . . . . . . . . . . . . . . . . . . . 2-3
Advantages of Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4
General Benefits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4
Information on Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-5
Advantages of Using the Web Browser Interface . . . . . . . . . . . . . . . . 2-5
or ProCurve Manager Plus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-7
Web Browser Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-10
Banner Operation with Telnet, Serial, or SSHv2 Access . . . . . . . 2-11
Banner Operation with Web Browser Access . . . . . . . . . . . . . . . 2-11
Configuring and Displaying a Non-Default Banner . . . . . . . . . . . 2-11
Example of Configuring and Displaying a Banner . . . . . . . . . . . . 2-12
Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-15
2-1
Selecting a Management Interface
Overview
Overview
This chapter describes the following:
■ Management interfaces for the switches covered by this guide
■ Advantages of using each interface
Understanding Management Interfaces
Management interfaces enable you to reconfigure the switch and to monitor
switch status and performance. The switch offers the following interfaces:
■ Menu interface—a menu-driven interface offering a subset of switch
commands through the built-in VT-100/ANSI console—2-3
■ CLI—a command line interface offering the full set of switch commands
through the VT-100/ANSI console built into the switch—2-4
■ Web browser interface --a switch interface offering status information
and a subset of switch commands through a standard web browser (such
as Netscape Navigator or Microsoft Internet Explorer)—2-5
■ ProCurve Manager (PCM)—a windows-based network management
solution included in-box with all manageable ProCurve devices. Features
include automatic device discovery, network status summary, topology
and mapping, and device management.
■ ProCurve Manager Plus (PCM+)—a complete windows-based
network management solution that provides both the basic features
offered with PCM, as well as more advanced management features,
including in-depth traffic analysis, group and policy management, configuration management, device software updates, and advanced VLAN
management. (ProCurve includes a copy of PCM+ in-box for a free 30-day
trial.)
This manual describes how to use the menu interface (chapter 2), the CLI
(chapter 3), the web browser interface (chapter 4), and how to use these
interfaces to configure and monitor the switch.
For information on how to access the web browser interface Help, see “Online
Help for the Web Browser Interface” on page 5-11.
2-2
Selecting a Management Interface
Advantages of Using the Menu Interface
To use ProCurve Manager or ProCurve Manager Plus, refer to the Getting
Started Guide and the Administrator’s Guide, which are available electron-
ically with the software for these applications. For more information, visit the
ProCurve Networking web site at http://www.procurve.com.
Advantages of Using the Menu Interface
Figure 2-1. Example of the Console Interface Display (3400cl/6400cl Switches)
■ Provides quick, easy management access to a menu-driven subset of
switch configuration and performance features:
• IP addressing
• System information
• VLANs and GVRP
• Local passwords
• Port Security
•SNMP communities
• Port and Static Trunk Group
• Time protocols
• Spanning Tree
• Stacking (3400cl/6400cl/4200vl
switches only)
The menu interface also provides access for:
•Setup screen
• Switch and port statistic and counter displays
• Event Log display
• Reboots
• Switch and port
• Software downloads
status displays
2-3
Selecting a Management Interface
Advantages of Using the CLI
■ Offers out-of-band access (through the RS-232 connection) to the
switch, so network bottlenecks, crashes, lack of configured or correct IP
address, and network downtime do not slow or prevent access
■ Enables Telnet (in-band) access to the menu functionality.
■ Allows faster navigation, avoiding delays that occur with slower
display of graphical objects over a web browser interface.
■ Provides more security; configuration information and passwords are
not seen on the network.
Advantages of Using the CLI
ProCurve>
Prompt for Operator Level
ProCurve#
Prompt for Manager Level
ProCurve(config)#
Prompt for Global Configuration
Level
ProCurve(<context>)#
Prompt for Context
Configuration Levels
For example:
ProCurve(eth-1-5)#
ProCurve(vlan-1)#
ProCurve(pim)#
ProCurve(rip)#
Figure 2-2. Command Prompt Examples
General Benefits
■ Provides access to the complete set of the switch configuration, perfor-
mance, and diagnostic features.
■ Offers out-of-band access (through the RS-232 connection) or Telnet (in-
band) access.
■ Enables quick, detailed system configuration and management access to
system operators and administrators experienced in command prompt
interfaces.
■ Provides help at each level for determining available options and vari-
ables.
2-4
Selecting a Management Interface
Advantages of Using the Web Browser Interface
Information on Using the CLI
■ For information on how to use the CLI, refer to chapter 3. “Using the
Command Line Interface (CLI)”.
■ To perform specific procedures (such as configuring IP addressing or
VLANs), use the Contents listing at the front of the manual to locate the
information you need.
■ For monitoring and analyzing switch operation, refer to appendix B.
■ For information on individual CLI commands, refer to the Index or to the
online Help provided in the CLI interface.
Advantages of Using the Web Browser
Interface
Figure 2-3. Example of the Web Browser Interface
■ Easy access to the switch from anywhere on the network
2-5
Selecting a Management Interface
Advantages of Using the Web Browser Interface
■ Familiar browser interface--locations of window objects consistent
with commonly used browsers, uses mouse clicking for navigation, no
terminal setup
■ Many features have all their fields in one screen so you can view all
values at once
■ More visual cues, using colors, status bars, device icons, and other
graphical objects instead of relying solely on alphanumeric values
■ Display of acceptable ranges of values available in configuration list
boxes
2-6
Selecting a Management Interface
Advantages of Using ProCurve Manager or ProCurve Manager Plus
Advantages of Using ProCurve Manager
or ProCurve Manager Plus
You can operate ProCurve Manager and ProCurve Manager Plus (PCM and
PCM+) from a PC on the network to monitor traffic, manage your hubs and
switches, and proactively recommend network changes to increase network
uptime and optimize performance. Easy to install and use, PCM and PCM+ are
the answers to your management challenges.
Figure 2-4. Example of the Home Page for ProCurve Manager Plus
2-7
Selecting a Management Interface
Advantages of Using ProCurve Manager or ProCurve Manager Plus
PCM and PCM+ enable greater control, uptime, and performance in your
network:
■ Features and benefits of ProCurve Manager:
• Network Status Summary: Upon boot-up, a network status screen
displays high-level information on network devices, end nodes,
events, and traffic levels. From here, users can research any one of
these areas to get more details.
• Alerts and Troubleshooting: An events summary screen displays
alerts to the user and categorizes them by severity, making it easier
to track where bottlenecks and issues exist in the network. Alerts
present detailed information on the problem, even down to the specific port.
• Automatic Device Discovery: This feature is customized for fast
discovery of all ProCurve manageable network devices. The user can
define which IP subnets to discover.
• Topology and Mapping: This feature automatically creates a map
of discovered network devices. Maps are color-coded to reflect device
status and can be viewed at multiple levels (physical view, subnet
view, or VLAN view).
• Device Management: Many device-focused tasks can be performed
directly by the software, or the user can access web-browser and
command-line interfaces with the click of a button to manage individual devices from inside the tool.
■ Features and benefits of ProCurve Manager Plus:
• All of the Features of ProCurve Manager: Refer to the above
listing.
• In-Depth Traffic Analysis: An integrated, low-overhead traffic
monitor interface shows detailed information on traffic throughout
the network. Using enhanced traffic analysis protocols such as
Extended RMON and sFlow, users can monitor overall traffic levels,
segments with the highest traffic, or even the top users within a
network segment.
• Group and Policy Management: Changes in configuration are
tracked and logged, and archived configurations can be applied to one
or many devices. Configurations can be compared over time or
between two devices, with the differences highlighted for users.
• Advanced VLAN Management: A new, easy-to-use VLAN management interface allows users to create and assign VLANs across the
entire network, without having to access each network device individually.
2-8
Selecting a Management Interface
Advantages of Using ProCurve Manager or ProCurve Manager Plus
• Device Software Updates: This feature automatically obtains new
device software images from ProCurve and updates devices, allowing
users to download the latest version or choose the desired version.
Updates can be scheduled easily across large groups of devices, all at
user-specified times.
• Investment Protection: The modular software architecture of
ProCurve Manager Plus will allow HP to offer network administrators
add-on software solutions that complement their needs.
2-9
Selecting a Management Interface
Advantages of Using ProCurve Manager or ProCurve Manager Plus
Custom Login Banners for the Console and
Web Browser Interfaces
You can now configure the switch to display a login banner of up to 320
characters when an operator initiates a management session with the switch
through any of the following methods:
■ Telnet
■ serial connection
■ SSHv2 (SSHv1 does not include support for banners.)
■ Web browser
In the factory default configuration, the switch displays the following default
banner:
Default banner appearing
with software release
E.10.02 and greater.
Figure 1. The Default Login Banner
Note
The switch’s Web browser interface does not display the default banner.
2-10
Selecting a Management Interface
Advantages of Using ProCurve Manager or ProCurve Manager Plus
Banner Operation with Telnet, Serial, or SSHv2 Access
When a system operator begins a login session, the switch displays the banner
above the local password prompt or, if no password is configured, above the
Press any key to continue prompt. Entering a correct password or, if no password
is configured, pressing any key clears the banner from the CLI and displays
the CLI prompt. (Refer to figure<zBlue> 1 on page 2-10.)
Banner Operation with Web Browser Access
When a system operator uses a Web browser to access the switch, the text of
a non-default banner configured on the switch appears in a dedicated banner
window with a link to the Web agent home page. Clicking on To Home Pa ge
clears the banner window and prompts the user for a password (if configured).
Following entry of the correct username/password information (or if no
username/password is required), the switch then displays either the Registration page or the switch’s home page. Note that if the banner feature is disabled
or if the switch is using the factory-default banner shown in figure <zBlue> 1,
then the banner page does not appear in the Web browser when an operator
initiates a login session with the switch.
Configuring and Displaying a Non-Default Banner
You can enable or disable banner operation using either the switch’s CLI or
an SNMP application. The steps include:
1. Enable non-default banner operation and define the endpoint delimiter
for the banner.
2. Enter the desired banner text, including any specific line breaks you
want.
3. Enter the endpoint delimiter.
4. Use show banner motd to display the current banner status.
Syntax: banner motd < delimiter >
no banner motd
This command defines the single character used to terminate the banner text and
enables banner text input. You can use any character except a blank space as a
delimiter. The no form of the command disables the login banner feature.
< banner-text-string >
2-11
Selecting a Management Interface
Advantages of Using ProCurve Manager or ProCurve Manager Plus
The switch allows up to 320 banner characters, including blank spaces and
CR-LF (
[Enter]). (The tilde “ ~“ and the delimiter defined by banner motd
<delimiter> are not allowed as part of the banner text.) While entering banner
text, you can backspace to edit the current line (that is, a line that has not
been terminated by a CR-LF.) However, terminating a line in a banner by
entering a CR-LF prevents any further editing of that line. To edit a line in
a banner entry after terminating the line with a CR-LF requires entering the
delimiter described above and then re-configuring new banner text.
The banner text string must terminate with the character defined by banner
motd < delimiter >.
Example of Configuring and Displaying a Banner
Suppose a system operator wanted to configure the following banner message
on her company’s 5300xl switches:
This is a private system maintained by the
Allied Widget Corporation.
Unauthorized use of this system can result in
civil and criminal penalties!
In this case, the operator will use the [Enter] key to create line breaks, blank
spaces for line centering, and the % symbol to terminate the banner message.
Figure 2. Example of Configuring a Login Banner
To view the current banner configuration, use either the show banner motd or
show running command.
2-12
Selecting a Management Interface
Advantages of Using ProCurve Manager or ProCurve Manager Plus
ProCurve(config)# show banner motd
Banner Information
Banner status: Enabled
Configured Banner:
This is a private system maintained by the
Allied Widget Corporation.
Unauthorized use of this system can result in
civil and criminal penalties!
Figure 3. Example of show banner motd Output
Shows the current banner
configuration.
Figure 4. The Current Banner Appears in the Switch’s Running-Config File
2-13
Selecting a Management Interface
Advantages of Using ProCurve Manager or ProCurve Manager Plus
The next time someone logs onto the switch’s management CLI, the following
appears:
The login screen displays the
configured banner.
Entering a correct password
clears the banner and displays
the CLI prompt.
Figure 5. Example of CLI Result of the Login Banner Configuration
2-14
Selecting a Management Interface
Advantages of Using ProCurve Manager or ProCurve Manager Plus
If someone uses a Web browser to log in to the switch interface, the following
message appears:
Figure 6. Example of Web Browser Interface Result of the Login Banner
Configuration
Operating Notes
■ The default banner appears only when the switch is in the factory
default configuration. Using no banner motd deletes the currently
configured banner text and blocks display of the default banner. The
default banner is restored only if the switch is reset to its factorydefault configuration.
■ The switch supports one banner at any time. Configuring a new
banner replaces any former banner configured on the switch.
■ If the switch is configured with ssh version 1 or ssh version 1-or-2,
configuring the banner sets the SSH configuration to ssh version 2
and displays the following message in the CLI:
Warning: SSH version has been set to v2.
■ If a banner is configured, the switch does not allow configuration with
ssh version 1 or ssh version 1-or-2. Attempting to do so produces the
following error message in the CLI:
Banner has to be disabled first.
■ If a banner is enabled on the switch, the Web browser interface
displays the following link to the banner page:
Notice to all users
2-15
Selecting a Management Interface
Advantages of Using ProCurve Manager or ProCurve Manager Plus
— This page is intentionally unused. —
2-16
3
Using the Menu Interface
Contents
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2
Starting and Ending a Menu Session . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3
How To Start a Menu Interface Session . . . . . . . . . . . . . . . . . . . . . . . . . 3-4
How To End a Menu Session and Exit from the Console: . . . . . . . . . . 3-5
Main Menu Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-7
Screen Structure and Navigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-9
Rebooting the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-12
Menu Features List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-14
Where To Go From Here 3-15
3-1
Using the Menu Interface
Overview
Overview
This chapter describes the following features:
■ Overview of the Menu Interface (page 3-2)
■ Starting and ending a Menu session (page 3-3)
■ The Main Menu (page 3-7)
■ Screen structure and navigation (page 3-9)
■ Rebooting the switch (page 3-12)
The menu interface operates through the switch console to provide you with
a subset of switch commands in an easy-to-use menu format enabling you to:
■ Perform a “quick configuration” of basic parameters, such as the IP
addressing needed to provide management access through your network
■ Configure these features:
• Manager and Operator
• A network monitoring port
passwords
• Stack Management (3400cl and
• System parameters
6400cl switches only)
• IP addressing
• Spanning Tree operation
• Time protocol
• SNMP community names
•Ports
• IP authorized managers
• Trunk groups
• VLANs (Virtual LANs) and GVRP
■ View status, counters, and Event Log information
■ Update switch software
■ Reboot the switch
For a detailed list of menu features, see the “Menu Features List” on page 3-14.
Privilege Levels and Password Security. HP strongly recommends that
you configure a Manager password to help prevent unauthorized access to
your network. A Manager password grants full read-write access to the switch.
An Operator password, if configured, grants access to status and counter,
Event Log, and the Operator level in the CLI. After you configure passwords
on the switch and log off of the interface, access to the menu interface (and
the CLI and web browser interface) will require entry of either the Manager
or Operator password. (If the switch has only a Manager password, then
someone without a password can still gain read-only access.)
3-2
Using the Menu Interface
Starting and Ending a Menu Session
Note If the switch has neither a Manager nor an Operator password, anyone
having access to the console interface can operate the console with full
manager privileges. Also, if you configure only an Operator password,
entering the Operator password enables full manager privileges.
For more information on passwords, refer to the Access Security Guide for
your switch.
Menu Interaction with Other Interfaces.
■ The menu interface displays the current running-config parameter set-
tings. You can use the menu interface to save configuration changes made
in the CLI only if the CLI changes are in the running config when you save
changes made in the menu interface. (For more on how switch memory
manages configuration changes, see Chapter 6, “Switch Memory and
Configuration”.)
■ A configuration change made through any switch interface overwrites
earlier changes made through any other interface.
■ The Menu Interface and the CLI (Command Line Interface) both use the
switch console. To enter the menu from the CLI, use the
menu command.
To enter the CLI from the Menu interface, select
Command Line (CLI) option.)
Starting and Ending a Menu Session
You can access the menu interface using any of the following:
■ A direct serial connection to the switch’s console port, as described in the
installation guide you received with the switch
■ A Telnet connection to the switch console from a networked PC or the
switch’s web browser interface. Telnet requires that an IP address and
subnet mask compatible with your network have already been configured
on the switch.
Note This section assumes that either a terminal device is already configured and
connected to the switch (see the Installation and Getting Started Guide
shipped with your switch) or that you have already configured an IP address
on the switch (required for Telnet access).
3-3
Using the Menu Interface
Starting and Ending a Menu Session
How To Start a Menu Interface Session
In its factory default configuration, the switch console starts with the CLI
prompt. To use the menu interface with Manager privileges, go to the Manager
level prompt and enter the
menu command.
1. Use one of these methods to connect to the switch:
• A PC terminal emulator or terminal
• Telnet
2. Do one of the following:
• If you are using Telnet, go to step 3.
• If you are using a PC terminal emulator or a terminal, press
[Enter] one
or more times until a prompt appears.
3. When the switch screen appears, do one of the following:
• If a password has been configured, the password prompt appears.
Password: _
Type the Manager password and press
[Enter]. Entering the Manager
password gives you manager-level access to the switch. (Entering the
Operator password gives you operator-level access to the switch.
Refer to the Access Security Guide for your switch.)
• If no password has been configured, the CLI prompt appears. Go to
the next step.
4. When the CLI prompt appears, display the Menu interface by entering the
menu command. For example:
ProCurve# menu
[Enter]
results in the following display:
3-4
Using the Menu Interface
Starting and Ending a Menu Session
Stacking is available on Series 3400cl and
Series 6400cl switches.
Figure 3-1. Example of the Main Menu with Manager Privileges
For a description of Main Menu features, see “Main Menu Features” on page
3-7.
Note To configure the switch to start with the menu interface instead of the CLI, go
to the Manager level prompt in the CLI, enter the
setup command, and in the
resulting display, change the
Logon Default parameter to Menu. For more infor-
mation, see the Installation and Getting Started Guide you received with the
switch.
How To End a Menu Session and Exit from the Console:
The method for ending a menu session and exiting from the console depends
on whether, during the session, you made any changes to the switch configuration that require a switch reboot to activate. (Most changes via the menu
interface need only a S
ave, and do not require a switch reboot.) Configuration
changes needing a reboot are marked with an asterisk (*) next to the configured item in the menu and also next to the Switch Configuration item in the
Main Menu.
3-5
Using the Menu Interface
Starting and Ending a Menu Session
Asterisk indicates a
configuration change
that requires a reboot
to activate.
Stacking is available on Series 3400/6400cl switches and
Series 4200vlswitches.
Figure 3-2. Example Indication of a Configuration Change Requiring a Reboot
1. In the current session, if you have not made configuration changes that
require a switch reboot to activate, return to the Main Menu and press
[0]
(zero) to log out. Then just exit from the terminal program, turn off the
terminal, or quit the Telnet session.
2. If you have made configuration changes that require a switch reboot—
that is, if an asterisk (*) appears next to a configured item or next to Switch
Configuration in the Main Menu:
a. Return to the Main Menu.
b. Press
[6] to select Reboot Switch and follow the instructions on the
reboot screen.
Rebooting the switch terminates the menu session, and, if you are using
Telnet, disconnects the Telnet session.
(See “Rebooting To Activate Configuration Changes” on page 3-13.)
3. Exit from the terminal program, turn off the terminal, or close the Telnet
application program.
3-6
Using the Menu Interface
Main Menu Features
Main Menu Features
Figure 3-3. The Main Menu View with Manager Privileges
The Main Menu gives you access to these Menu interface features:
■ Status and Counters: Provides access to display screens showing
switch information, port status and counters, port and VLAN address
tables, and spanning tree information. (See Appendix B, “Monitoring and
Analyzing Switch Operation”.)
■ Switch Configuration: Provides access to configuration screens for
displaying and changing the current configuration settings. (See the Contents listing at the front of this manual.) For a listing of features and
parameters configurable through the menu interface, see the “Menu Features List” on page 3-14 .
■ Console Passwords: Provides access to the screen used to set or change
Manager-level and Operator-level passwords, and to delete Manager and
Operator password protection. (Refer to the chapter on configuring usernames and passwords in the Access Security Guide for your switch.)
■ Event Log: Enables you to read progress and error messages that are
useful for checking and troubleshooting switch operation. (See “Using the
Event Log To Identify Problem Sources” on page C-26.)
3-7
Using the Menu Interface
Main Menu Features
■ Command Line (CLI): Selects the Command Line Interface at the same
level (Manager or Operator) that you are accessing in the Menu interface.
(Refer to chapter 3, “Using the Command Line Interface (CLI)”.)
■ Reboot Switch: Performs a “warm” reboot of the switch, which clears
most temporary error conditions, resets the network activity counters to
zero, and resets the system up-time to zero. A reboot is required to activate
a change in the VLAN Support parameter. (See “Rebooting from the Menu
Interface” on page 6-10.)
■ Download OS: Enables you to download a new switch software version
to the switch. (See Appendix A, “File Transfers”.)
■ Run Setup: Displays the Switch Setup screen for quickly configuring
basic switch parameters such as IP addressing, default gateway, logon
default interface, spanning tree, and others. (See the Installation and
Getting Started Guide for your switch.)
■ Logout: Closes the Menu interface and console session, and disconnects
Telnet access to the switch. (See “How to End a Menu Session and Exit
from the Console” on page 3-5.)
3-8
Using the Menu Interface
Screen Structure and Navigation
Screen Structure and Navigation
Menu interface screens include these three elements:
■ Parameter fields and/or read-only information such as statistics
■ Navigation and configuration actions, such as Save, Edit, and Cancel
■ Help line to describe navigation options, individual parameters, and read-
only data
For example, in the following System Information screen:
Help line
describing the
selected action
or selected
parameter field
Parameter fields
Help describing each of the
items in the parameter fields
Navigation instructions
Actions line
Screen title – identifies
the location within the
menu structure
Figure 3-4. Elements of the Screen Structure
“Forms” Design. The configuration screens, in particular, operate similarly
to a number of PC applications that use forms for data entry. When you first
enter these screens, you see the current configuration for the item you have
selected. To change the configuration, the basic operation is to:
1. Press
[E] to select the Edit action.
2. Navigate through the screen making all the necessary configuration
changes. (See Table 4-1 on the next page.)
3. Press
[Enter] to return to the Actions line. From there you can save the
configuration changes or cancel the changes. Cancel returns the configuration to the values you saw when you first entered the screen.
3-9
Using the Menu Interface
Screen Structure and Navigation
Table 3-1. How To Navigate in the Menu Interface
Task: Actions:
Execute an action
from the “Actions –>”
list at the bottom of
the screen:
Use either of the following methods:
• Use the arrow keys ( [<] ,or [>] ) to highlight the action you want
to execute, then press [Enter].
• Press the key corresponding to the capital letter in the action
name. For example, in a configuration menu, press [E] to select
Edit and begin editing parameter values.
Reconfigure (edit) a
parameter setting or a
field:
1. Select a configuration item, such as System Name. (See figure
3-4.)
2. Press [E] (for E
dit on the Actions line).
3. Use [Tab] or the arrow keys ([<], [>], [^], or [v]) to highlight the
item or field.
4. Do one of the following:
– If the parameter has preconfigured values, either use the
Space bar to select a new option or type the first part of your
selection and the rest of the selection appears automatically.
(The help line instructs you to “Select” a value.)
– If there are no preconfigured values, type in a value (the Help
line instructs you to “Enter” a value).
5. If you want to change another parameter value, return to step 3.
6. If you are finished editing parameters in the displayed screen,
press [Enter] to return to the Actions line and do one of the
following:
– To save and activate configuration changes, press [S] (for the
Save action). This saves the changes in the startup
configuration and also implements the change in the
currently running configuration. (See Chapter 6, “Switch
Memory and Configuration”.)
– To exit from the screen without saving any changes that you
have made (or if you have not made changes), press [C] (for
the Cancel action).
Note: In the menu interface, executing Save activates most
parameter changes and saves them in the startup configuration
(or flash) memory, and it is therefore not necessary to reboot the
switch after making these changes. But if an asterisk appears
next to any menu item you reconfigure, the switch will not
activate or save the change for that item until you reboot the
switch. In this case, rebooting should be done after you have
made all desired changes and then returned to the Main Menu.
7. When you finish editing parameters, return to the Main Menu.
8. If necessary, reboot the switch by highlighting Reboot Switch in
the Main Menu and pressing [Enter]. (See the Note, above.)
Exit from a read-only Press [B] (for the Back action).
screen.
3-10
Using the Menu Interface
Screen Structure and Navigation
To get Help on individual parameter descriptions. In most screens
there is a Help option in the Actions line. Whenever any of the items in the
Actions line is highlighted, press
[H], and a separate help screen is displayed.
For example:
Pressing [H] or highlighting Help and
pressing [Enter] displays Help for the
parameters listed in the upper part of
the screen
Highlight on any item
in the Actions line
indicates that the
Actions line is active.
The Help line provides
a brief descriptor of
the highlighted Action
item or parameter.
Figure 3-5. Example Showing How To Display Help
To get Help on the actions or data fields in each screen: Use the arrow
keys (
[<], [>], [^], or [v]) to select an action or data field. The help line under the
Actions items describes the currently selected action or data field.
For guidance on how to navigate in a screen: See the instructions provided
at the bottom of the screen, or refer to “Screen Structure and Navigation” on
page 3-9.)
3-11
Using the Menu Interface
Rebooting the Switch
Rebooting the Switch
Rebooting the switch from the menu interface
■ Terminates all current sessions and performs a reset of the operating
system
■ Activates any menu interface configuration changes that require a reboot
■ Resets statistical counters to zero
(Note that statistical counters can be reset to zero without rebooting the
switch.)
To Reboot the switch, use the Reboot Switch option in the Main Menu. (Note
that Reboot Switch is not available if you log on in Operator mode; that is, if
you enter an Operator password instead of a manager password at the
password prompt.)
Reboot Switch option
Stacking is available on Series 4200vl switches and
Series 3400/6400cl switches.
Figure 3-6. The Reboot Switch Option in the Main Menu
3-12
Using the Menu Interface
Rebooting the Switch
Rebooting To Activate Configuration Changes. Configuration changes
for most parameters in the menu interface become effective as soon as you
save them. However, you must reboot the switch in order to implement a
change in the
Maximum VLANs to support parameter. (To access this parameter, go
to the Main Menu and select:
2. Switch Configuration
8. VLAN Menu
1. VLAN Support.
If you make configuration changes in the menu interface that require a reboot,
the switch displays an asterisk (*) next to the menu item in which the change
has been made. For example, if you change and save the value for the
Maximum
VLANs to support
parameter, an asterisk appears next to the VLAN Support entry in
the VLAN Menu screen, and also next to the
Switch Configuration … entry in the
Main Menu, as shown in figure 4-6:
Reminder to
reboot the switch
to activate
configuration
changes.
Asterisk indicates
a configuration
change that
requires a reboot
in order to take
effect.
Figure 3-7. Indication of a Configuration Change Requiring a Reboot
To activate changes indicated by the asterisk, go to the Main Menu and select
the
Reboot Switch option.
Note Executing the write memory command in the CLI does not affect pending
configuration changes indicated by an asterisk in the menu interface. That is,
only a reboot from the menu interface or a
boot or reload command from the
CLI will activate a pending configuration change indicated by an asterisk.
3-13
Using the Menu Interface
Menu Features List
Menu Features List
Status and Counters
• General System Information
• Switch Management Address Information
• Port Status
• Port Counters
• Address Table
• Port Address Table
• Spanning Tree Information
Switch Configuration
• System Information
• Port/Trunk Settings
• Network Monitoring Port
• Spanning Tree Operation
• IP Configuration
• SNMP Community Names
• IP authorized Managers
• VLAN Menu
Console Passwords
Event Log
Command Line (CLI)
Reboot Switch
Download OS (Download Switch Software)
Run Setup
Stacking (Series 3400cl, Series 6400cl and Series 4200vl switches)
• Stacking Status (This Switch)
• Stacking Status (All)
• Stack Configuration
• Stack Management (Stack Commander Only)
• Stack Access (Stack Commander Only)
Logout
3-14
Using the Menu Interface
Where To Go From Here
Where To Go From Here
This chapter provides an overview of the menu interface and how to use it.
The following table indicates where to turn for detailed information on how
to use the individual features available through the menu interface.
Option: Turn to :
To use the Run Setup option Refer to the Installation and Getting Started Guide
shipped with the switch.
To view and monitor switch status and Appendix B, “Monitoring and Analyzing Switch
counters Operation”
To learn how to configure and use Refer to the Access Security Guide for your
passwords and other security features switch.
To learn how to use the Event Log “Using the Event Log To Identify Problem
Sources” on page C-26
To learn how the CLI operates Chapter 4, “Using the Command Line Interface
(CLI)”
To download switch software Appendix A, “File Transfers”
For a description of how switch
Chapter 6, “Switch Memory and Configuration”
memory handles configuration
changes
For information on other switch Refer to the Table of Contents at the front of this
features and how to configure them guide, and to “Sources for More Information” on
page 1-4.
3-15
Using the Menu Interface
Where To Go From Here
— This page is intentionally unused. —
3-16
4
Using the Command Line Interface (CLI)
Contents
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2
Accessing the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2
Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2
Privilege Levels at Logon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3
Privilege Level Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4
Operator Privileges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4
Manager Privileges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-5
How To Move Between Levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-7
Listing Commands and Command Options . . . . . . . . . . . . . . . . . . . . . . 4-8
Listing Commands Available at Any Privilege Level . . . . . . . . . . . 4-8
Listing Command Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-10
Displaying CLI “Help” . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-11
Configuration Commands and the Context Configuration Modes . . 4-13
CLI Control and Editing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-16
4-1
Using the Command Line Interface (CLI)
Overview
Overview
The CLI is a text-based command interface for configuring and monitoring the
switch. The CLI gives you access to the switch’s full set of commands while
providing the same password protection that is used in the web browser
interface and the menu interface.
Accessing the CLI
Like the menu interface, the CLI is accessed through the switch console, and
in the switch’s factory default state, is the default interface when you start a
console session. You can access the console out-of-band by directly connecting a terminal device to the switch, or in-band by using Telnet either from a
terminal device or through the web browser interface.
Also, if you are using the menu interface, you can access the CLI by selecting
the Command Line (CLI) option in the Main Menu.
Using the CLI
The CLI offers these privilege levels to help protect the switch from unauthorized access:
1. Operator
2. Manager
3. Global Configuration
4. Context Configuration
Note CLI commands are not case-sensitive.
4-2
Using the Command Line Interface (CLI)
Using the CLI
When you use the CLI to make a configuration change, the switch writes the
change to the Running-Config file in volatile memory. This allows you to test
your configuration changes before making them permanent. To make changes
permanent, you must use the write memory command to save them to the
Startup-Config file in non-volatile memory. If you reboot the switch without
first using write memory, all changes made since the last reboot or write memory
(whichever is later) will be lost. For more on switch memory and saving
configuration changes, see Chapter 6, “Switch Memory and Configuration”.
Privilege Levels at Logon
Privilege levels control the type of access to the CLI. To implement this
control, you must set at least a Manager password. Without a Manager
password configured, anyone having serial port, Telnet, or web browser
access to the switch can reach all CLI levels. (For more on setting passwords,
refer to the chapter on usernames and passwords in the Access Security Guide
for your switch.)
When you use the CLI to log on to the switch, and passwords are set, you will
be prompted to enter a password. For example:
Password Prompt
Figure 4-1. Example of CLI Log-On Screen with Password(s) Set
In the above case, you will enter the CLI at the level corresponding to the
password you provide (operator or manager).
If no passwords are set when you log onto the CLI, you will enter at the
Manager level. For example:
ProCurve# _
4-3
Using the Command Line Interface (CLI)
Using the CLI
Caution HP strongly recommends that you configure a Manager password. If a Man-
ager password is not configured, then the Manager level is not passwordprotected, and anyone having in-band or out-of-band access to the switch may
be able to reach the Manager level and compromise switch and network
security. Note that configuring only an Operator password does not prevent
access to the Manager level by intruders who have the Operator password.
Pressing the Clear button on the front of the switch removes password
protection. For this reason, it is recommended that you protect the switch
from physical access by unauthorized persons. If you are concerned about
switch security and operation, you should install the switch in a secure
location, such as a locked wiring closet.
Privilege Level Operation
2. Manager Level
3. Global Configuration
Operator Privileges
Manager Privileges
1. Operator Level
4. Context Configuration Level
Figure 4-2. Access Sequence for Privilege Levels
Operator Privileges
At the Operator level you can examine the current configuration and move
between interfaces without being able to change the configuration. A “>”
character delimits the Operator-level prompt. For example:
ProCurve> _ (Example of the Operator prompt.)
When using enable to move to the Manager level, the switch prompts you for
the Manager password if one has already been configured.
4-4
Using the Command Line Interface (CLI)
Using the CLI
Manager Privileges
Manager privileges give you three additional levels of access: Manager, Global
Configuration, and Context Configuration. (See figure.) A “#” character delimits any Manager prompt. For example:
ProCurve#_ Example of the Manager prompt.
■ Manager level: Provides all Operator level privileges plus the ability to
perform system-level actions that do not require saving changes to the
system configuration file. The prompt for the Manager level contains only
the system name and the “#” delimiter, as shown above. To select this
level, enter the enable command at the Operator prompt and enter the
Manager password, when prompted. For example:
ProCurve> enable Enter enable at the Operator prompt.
Password: CLI prompt for the Manager password.
ProCurve# _ The Manager prompt appears after the
correct Manager password is entered.
■ Global Configuration level: Provides all Operator and Manager level
privileges, and enables you to make configuration changes to any of the
switch’s software features. The prompt for the Global Configuration level
includes the system name and “(config)”. To select this level, enter the
config command at the Manager prompt. For example:
HPswitch# config Enter config at the Manager prompt.
HPswitch(config)#_ The Global Config prompt.
■ Context Configuration level: Provides all Operator and Manager priv-
ileges, and enables you to make configuration changes in a specific
context, such as one or more ports or a VLAN. The prompt for the Context
Configuration level includes the system name and the selected context.
For example:
ProCurve(eth-1)#
ProCurve(vlan-10)#
The Context level is useful, for example, for executing several commands
directed at the same port or VLAN, or if you want to shorten the command
strings for a specific context area. To select this level, enter the specific
context at the Global Configuration level prompt. For example, to select
the context level for an existing VLAN with the VLAN ID of 10, you would
enter the following command and see the indicated result:
ProCurve(config)# vlan 10
ProCurve(vlan-10)#
4-5
Using the Command Line Interface (CLI)
Using the CLI
Table 4-1. Privilege Level Hierarchy
Privilege
Level
Example of Prompt and Permitted Operations
Operator Privilege
Operator Level ProCurve> show < command >
setup
ping < argument >
link-test < argument >
enable
menu
logout
exit
View status and configuration information.
Perform connectivity tests.
Move from the Operator level to the Manager
level.
Move from the CLI interface to the menu interface.
Exit from the CLI interface and terminate the
console session.
Terminate the current session (same as logout).
Manager Privilege
Manager Level ProCurve
# Perform system-level actions such as system
control, monitoring, and diagnostic commands,
plus any of the Operator-level commands. For a list
of available commands, enter
? at the prompt.
Global ProCurve(config)# Execute configuration commands, plus all
Configuration Operator and Manager commands. For a list of
Level available commands, enter ? at the prompt.
Context ProCurve(eth-5)# Execute context-specific configuration
Configuration ProCurve(vlan- commands, such as a particular VLAN or switch
Level 100)# port. This is useful for shortening the command
strings you type, and for entering a series of
commands for the same context. For a list of
available commands, enter
? at the prompt.
4-6
Using the Command Line Interface (CLI)
Using the CLI
How To Move Between Levels
Change in Levels Example of Prompt, Command, and Result
Operator level
to
Manager level
Manager level
to
Global configuration
level
Global configuration
level
to a
Context configuration
level
Context configuration
level
to another
Context configuration
level
Move from any level
to the preceding level
Move from any level
to the Manager level
ProCurve
> enable
Password:_
After you enter enable, the Password
prompt appears. After you enter the
Manager password, the system prompt
appears with the # symbol:
ProCurve
#_
ProCurve
# config
ProCurve(config)#
ProCurve
(config)# vlan 10
ProCurve(vlan-10)#
ProCurve
(vlan-10)# interface e 3
ProCurve(int-3)#
The CLI accepts “e” as the abbreviated
form of “ethernet”.
ProCurve
(int-3)# exit
ProCurve(config)# exit
ProCurve# exit
ProCurve>
ProCurve(int-3)# end
ProCurve#
—or—
ProCurve
(config)# end
ProCurve#
Moving Between the CLI and the Menu Interface. When moving
between interfaces, the switch retains the current privilege level (Manager or
Operator). That is, if you are at the Operator level in the menu and select the
Command Line Interface (CLI) option from the Main Menu, the CLI prompt
appears at the Operator level.
Changing Parameter Settings. Regardless of which interface is used (CLI,
menu interface, or web browser interface), the most recently configured
version of a parameter setting overrides any earlier settings for that parameter.
4-7
Using the Command Line Interface (CLI)
Using the CLI
For example, if you use the menu interface to configure an IP address of “X”
for VLAN 1 and later use the CLI to configure a different IP address of “Y” for
VLAN 1, then “Y” replaces “X” as the IP address for VLAN 1 in the runningconfig file. If you subsequently execute write memory in the CLI, then the
switch also stores “Y” as the IP address for VLAN 1 in the startup-config file.
(For more on the startup-config and running config files, see Chapter 6,
“Switch Memory and Configuration”.)
Listing Commands and Command Options
At any privilege level you can:
■ List all of the commands available at that level
■ List the options for a specific command
Listing Commands Available at Any Privilege Level
At a given privilege level you can list and execute the commands that level
offers, plus all of the commands available at preceding levels. For example,
at the Operator level, you can list and execute only the Operator level commands. However, at the Manager level, you can list and execute the commands
available at both the Operator and Manager levels.
Type “?” To List Available Commands. 1.Typing the
? symbol lists the
commands you can execute at the current privilege level. For example,
typing ? at the Operator level produces this listing:
Figure 4-3. Example of the Operator Level Command Listing
4-8
Using the Command Line Interface (CLI)
Using the CLI
Typing ? at the Manager level produces this listing:
When - - MORE - - appears, use the Space
bar or [Return] to list additional commands.
Figure 4-4.Example of the Manager-Level Command Listing
When - - MORE - - appears, there are more commands in the listing. To list the
next screenfull of commands, press the Space bar. To list the remaining
commands one-by-one, repeatedly press
[Enter].
Typing ? at the Global Configuration level or the Context Configuration level
produces similar results.
Use
[Tab] To Search for or Complete a Command Word. You can use
[Tab] to help you find CLI commands or to quickly complete the current word
in a command. To do so, type one or more consecutive characters in a
command and then press
[Tab] (with no spaces allowed). For example, at the
Global Configuration level, if you press
[Tab] immediately after typing “t”, the
CLI displays the available command options that begin with “t”. For example:
ProCurve(config)# t
[Tab]
tacacs-server
telnet-server
time
timesync
trunk
telnet
terminal
traceroute
ProCurve(config)# t
4-9
Using the Command Line Interface (CLI)
Using the CLI
As mentioned above, if you type part of a command word and press [Tab], the
CLI completes the current word (if you have typed enough of the word for the
CLI to distinguish it from other possibilities), including hyphenated extensions. For example:
ProCurve(config)# port-
[Tab]
ProCurve(config)# port-security _
Pressing
[Tab] after a completed command word lists the further options for
that command.
ProCurve(config)# qos
[Tab]
udp-portSet UDP port based priority.
tcp-portSet TCP port based priority.
device-priorityConfigure device-based priority.
dscp-mapDefine mapping between a DSCP
(Differentiated-Services Codepoint)
value and 802.1p priority.
type-of-serviceConfigure the Type-of-Service
method the device uses to
prioritize IP traffic.
Listing Command Options
You can use the CLI to remind you of the options available for a command by
entering command keywords followed by
?. For example, suppose you want
to see the command options for configuring the console settings:
This example displays the command options
for configuring the switch’s console settings.
Figure 4-5. Example of How To List the Options for a Specific Command
4-10
Using the Command Line Interface (CLI)
Using the CLI
Displaying CLI “Help”
CLI Help provides two types of context-sensitive information:
■ Command list with a brief summary of each command’s purpose
■ Detailed information on how to use individual commands
Displaying Command-List Help.
Syntax: help
Displays a listing of command Help summaries for all
commands available at the current privilege level. That is, at
the Operator level, executing help displays the Help summaries
only for Operator-Level commands. At the Manager level,
executing help displays the Help summaries for both the
Operator and Manager levels, and so on.
For example, to list the Operator-Level commands with their purposes:
Figure 4-6. Example of Context-Sensitive Command-List Help
Displaying Help for an Individual Command.
Syntax: < command-string > help
This option displays Help for any command available at the
current context level.
For example, to list the Help for the interface command in the Global Configuration privilege level:
4-11
Using the Command Line Interface (CLI)
Using the CLI
Figure 4-7.Example of How To Display Help for a Specific Command
Note that trying to list the help for an individual command from a privilege
level that does not include that command results in an error message. For
example, trying to list the help for the interface command while at the global
configuration level produces this result:
ProCurve# speed-duplex help
Invalid input: speed-duplex
4-12
Using the Command Line Interface (CLI)
Using the CLI
Configuration Commands and the Context
Configuration Modes
You can execute any configuration command in the global configuration mode
or in selected context modes. However, using a context mode enables you to
execute context-specific commands faster, with shorter command strings.
The switch offers interface (port or trunk group) and VLAN context configuration modes:
Port or Trunk-Group Context . Includes port- or trunk-specific commands that apply only to the selected port(s) or trunk group, plus the global
configuration, Manager, and Operator commands. The prompt for this mode
includes the identity of the selected port(s):
ProCurve(config)# interface c3-c6
ProCurve(eth-C5-C8)#
ProCurve(config)# interface trk1
ProCurve(eth-Trk1)#
Commands executed at configuration level for entering port and
trk1 static trunk-group contexts, and resulting prompts showing
port or static trunk contexts..
ProCurve(eth-C5-C8)#
ProCurve(eth-Trk1)#
ProCurve(eth-C5-C8)# ?
ProCurve(eth-C5-C8)# ?
Lists the commands you can use in the port or static trunk context,
plus the Manager, Operator, and context commands you can execute at this level.
4-13
Using the Command Line Interface (CLI)
Using the CLI
In the port context, the first block of commands in the “?”
listing show the context-specific commands that will affect
only ports C3-C6.
The remaining commands in the listing are Manager,
Operator, and context commands.
Figure 4-8. Context-Specific Commands Affecting Port Context
4-14
Using the Command Line Interface (CLI)
Using the CLI
VLAN Context . Includes VLAN-specific commands that apply only to the
selected VLAN, plus Manager and Operator commands. The prompt for this
mode includes the VLAN ID of the selected VLAN. For example, if you had
already configured a VLAN with an ID of 100 in the switch:
ProCurve(config)# vlan 100
Command executed at configuration level to enter VLAN 100 context.
ProCurve(vlan-100)#
Resulting prompt showing VLAN 100 context.
ProCurve(vlan-100)# ?
Lists commands you can use in the VLAN context, plus Manager,
Operator, and context commands you can execute at this level.
In the VLAN
context, the
first block of
commands in
the “?” listing
show the
commands that
will affect only
vlan-100.
The remaining
commands in
the listing are
Manager,
Operator, and
context
commands.
Figure 4-9. Context-Specific Commands Affecting VLAN Context
4-15
Using the Command Line Interface (CLI)
CLI Control and Editing
CLI Control and Editing
Keystrokes Function
[Ctrl] [A] Jumps to the first character of the command line.
[Ctrl]
[B] or [<]
Moves the cursor back one character.
[Ctrl] [C] Terminates a task and displays the command prompt.
[Ctrl] [D] Deletes the character at the cursor.
[Ctrl] [E] Jumps to the end of the current command line.
[Ctrl]
[F] or [>]
Moves the cursor forward one character.
[Ctrl] [K] Deletes from the cursor to the end of the command line.
[Ctrl] [L] or [Ctrl] [R]
Repeats current command line on a new line.
[Ctrl]
[N] or [v]
Enters the next command line in the history buffer.
[Ctrl]
[P] or [^]
Enters the previous command line in the history buffer.
[Ctrl] [U] or [Ctrl] [X]
Deletes from the cursor to the beginning of the command line.
[Ctrl] [W] Deletes the last word typed.
[Esc] [B] Moves the cursor backward one word.
[Esc] [D] Deletes from the cursor to the end of the word.
[Esc] [F] Moves the cursor forward one word.
[Backspace]
Deletes the first character to the left of the cursor in the command
line.
[Spacebar]
Moves the cursor forward one character.
4-16
5
Using the Web Browser Interface
Contents
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2
Using ProCurve Manager (PCM) or
Security: Creating Usernames and Passwords
General Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3
Starting an Web Browser Interface Session with the Switch . . . . . 5-4
Using a Standalone Web Browser in a PC or UNIX Workstation . . . . 5-4
ProCurve Manager Plus (PCM+) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-5
Tasks for Your First Web Browser Interface Session . . . . . . . . . . . . 5-7
Viewing the “First Time Install” Window . . . . . . . . . . . . . . . . . . . . . . . . 5-7
in the Browser Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-8
Entering a User Name and Password . . . . . . . . . . . . . . . . . . . . . . 5-10
Using a User Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-10
If You Lose the Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-10
Online Help for the Web Browser Interface . . . . . . . . . . . . . . . . . . . . 5-11
Support/Mgmt URLs Feature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-12
Support URL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-13
Help and the Management Server URL . . . . . . . . . . . . . . . . . . . . . . . . 5-13
Using the PCM Server for Switch Web HelpWeb Help . . . . . . . . . . . . 5-14
Status Reporting Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-16
The Overview Window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-16
The Port Utilization and Status Displays . . . . . . . . . . . . . . . . . . . . . . . 5-17
Port Utilization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-17
Port Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-19
The Alert Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-20
Sorting the Alert Log Entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-20
Alert Types and Detailed Views . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-21
The Status Bar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-22
Setting Fault Detection Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-24
5-1
Using the Web Browser Interface
Overview
Overview
The web browser interface built into the switch lets you easily access the
switch from a browser-based PC on your network. This lets you do the
following:
■ Optimize your network uptime by using the Alert Log and other diagnostic
tools
■ Make configuration changes to the switch
■ Maintain security by configuring usernames and passwords
This chapter covers the following:
■ General features (page 5-3).
■ Starting a web browser interface session (page 5-4)
■ Tasks for your first web browser interface session (page 5-7):
• Creating usernames and passwords in the web browser interface
(page 5-8)
• Selecting the fault detection configuration for the Alert Log operation
(page 5-24)
• Getting access to online help for the web browser interface (page
5-11)
■ Description of the web browser interface:
• Overview window and tabs (page 5-16)
• Port Utilization and Status displays (page 5-17)
• Alert Log and Alert types (page 5-20)
• Setting the Fault Detection Policy (page 5-24)
Note You can disable access to the web browser interface by either executing no
web-management at the Command Prompt or changing the Web Agent Enabled
parameter setting to No (page 7-4).
For information on operating system, browser, and Java versions for the
switches covered by this guide, go to the ProCurve Networking web site at
http://www.procurve.com and:
Click on: Technical support
Click on: FAQs (all)
Select a switch series (such as ProCurve Switch 5300 Series)
Scroll to General Product Information.
5-2
Using the Web Browser Interface
General Features
General Features
The Web Browser Interface includes these features:
Switch Identity and Status:
• General system data
• Software version
• IP address
• Status Overview
• Port utilization
• Port counters
• Port status
• Alert log
Switch Configuration:
• Device view
• Port configuration
• VLAN configuration
• Fault detection
• Quality of service (QoS)
• Port monitoring (mirroring)
• System information
• IP configuration
• Support and management server URLs
• Device features (Spanning Tree On/Off, VLAN selection, and IGMP)
• Stacking (3400cl, 6400cl and 4200vl switches)
Switch Security:
• User names and passwords
• Authorized Addresses
• Intrusion Log
• SSL
• RADIUS authentication (Refer to the Access Security Guide.)
Switch Diagnostics:
• Ping/Link Test
• Device reset
• Configuration report
5-3
Using the Web Browser Interface
Starting an Web Browser Interface Session with the Switch
Starting an Web Browser Interface
Session with the Switch
You can start a web browser session in the following ways:
■ Using a standalone web browser on a network connection from a PC or
UNIX workstation:
• Directly connected to your network
• Connected through remote access to your network
■ Using a network management station running ProCurve Manager on your
network
Using a Standalone Web Browser in a PC or UNIX
Workstation
This procedure assumes that you are using a compatible web browser and that
the switch is configured with an IP address accessible from your PC or
workstation. (For more on assigning an IP address, refer to “IP Configuration”
on page 8-2.)
1. Ensure that the Java
TM
applets are enabled for your browser. For more
information on this topic, refer to your browser’s online Help.
2. Use the web browser to access the switch. If your network includes a
Domain Name Server (DNS), your switch’s IP address may have a name
associated with it (for example, switch5308) that you can type in the
Location or Address field instead of the IP address. Using DNS names
typically improves browser performance. Contact your network administrator to enquire about DNS names associated with your ProCurve switch.
Type the IP address (or DNS name) of the switch in the browser Location
or Address (URL) field and press
[Enter]. (It is not necessary to include
http://.)
switch5308
[Enter] (example of a DNS-type name)
10.11.12.195
[Enter] (example of an IP address)
5-4
Using the Web Browser Interface
Starting an Web Browser Interface Session with the Switch
Using ProCurve Manager (PCM) or
ProCurve Manager Plus (PCM+)
ProCurve Manager and ProCurve Manager Plus are designed for installation
on a network management workstation. For this reason, the system requirements are different from the system requirements for accessing the switch’s
web browser interface from a non-management PC or workstation. For PCM
and PCM+ requirements, refer to the information provided with the software.
This procedure assumes that:
■ You have installed the recommended web browser on a PC or workstation
that serves as your network management station.
■ The networked device you want to access has been assigned an IP address
and (optionally) a DNS name, and has been discovered by PCM or PCM+.
(For more on assigning an IP address, refer to “IP Configuration” on page
8-2.)
To establish a web browser session with PCM or PCM+ running, do the
following on the network management station:
1. Make sure the Java
TM
applets are enabled for your web browser. If they
are not, refer to the web browser online Help for specific information on
enabling the Java applets.
2. In the Interconnected Devices listing under Network Manager Home (in the
PCM/PCM+ sidebar), right-click on the model number of the device you
want to access.
3. The web browser interface automatically starts with the Status Overview
window displayed for the selected device, as shown in figure 5-1.
Note If the Registration window appears, click on the Status tab.
5-5
Using the Web Browser Interface
Starting an Web Browser Interface Session with the Switch
Alert
Log
First-Time
Install Alert
Figure 5-1. Example of Status Overview Screen
5-6
Using the Web Browser Interface
Tasks for Your First Web Browser Interface Session
Tasks for Your First Web Browser
Interface Session
The first time you access the web browser interface, there are three tasks you
should perform:
■ Review the “First Time Install” window
■ Set Manager and Operator passwords
■ Set access to the web browser interface online help
Viewing the “First Time Install” Window
When you access the switch’s web browser interface for the first time, the
Alert log contains a “First Time Install” alert, as shown in figure 5-2. This gives
you information about first time installations, and provides an immediate
opportunity to set passwords for security and to specify a Fault Detection
policy, which determines the types of messages that will be displayed in the
Alert Log.
Double click on First Time Install in the Alert log (figure 5-1 on page 5-6). The
web browser interface then displays the “First Time Install” window, below.
Figure 5-2. First-Time Install Window
5-7
Using the Web Browser Interface
Tasks for Your First Web Browser Interface Session
This window is the launching point for the basic configuration you need to
perform to set web browser interface passwords for maintaining security and
a fault detection policy, which determines the types of messages that the Alert
Log displays.
To set web browser interface passwords, click on secure access to the device
to display the Device Passwords screen, and then go to the next page. (You
can also access the password screen by clicking on the Security tab.)
To set Fault Detection policy, click on select the fault detection configuration in
the second bullet in the window and go to the section, “Setting Fault Detection
Policy” on page 5-24. (You can also access the password screen by clicking on
the Configuration tab, and then the
[Fault Detection] key.)
Security: Creating Usernames and Passwords
in the Browser Interface
Note On 5300xl switches running software release E.09.xx, you can also configure
RADIUS authentication for web browser interface access. For more information, refer to the chapter titled “RADIUS Authentication and Accounting” in
the Access Security Guide for your switch.
You may want to create both a username and a password to create access
security for your switch. There are two levels of access to the interface that
can be controlled by setting user names and passwords:
■ Operator Setting. An Operator-level user name and password allows
read-only access to most of the web browser interface, but prevents
access to the Security window.
■ Manager Setting. A Manager-level user name and password allows full
read/write access to the web browser interface.
5-8
Using the Web Browser Interface
Tasks for Your First Web Browser Interface Session
Figure 5-3. The Device Passwords Window
To set the passwords:
1. Access the Device Passwords screen by one of the following methods:
• If the Alert Log includes a “First Time Install” event entry, double
click on this event, then, in the resulting display, click on the
secure access to the device link.
• Select the Security tab.
2. Click in the appropriate box in the Device Passwords window and enter
user names and passwords. You will be required to repeat the password
strings in the confirmation boxes.
Both the user names and passwords can be up to 16 printable ASCII
characters.
3. Click on
[Apply Changes] to activate the user names and passwords.
Note Passwords you assign in the web browser interface will overwrite previous
passwords assigned in either the web browser interface, the CLI, or the menu
interface. That is, the most recently assigned passwords are the switch’s
passwords, regardless of which interface was used to assign the string.
5-9
Using the Web Browser Interface
Tasks for Your First Web Browser Interface Session
Entering a User Name and Password
Figure 5-4. Example of the Password Prompt in the Web Browser Interface
The manager and operator passwords are used to control access to all switch
interfaces. Once set, you will be prompted to supply the password every time
you try to access the switch through any of its interfaces. The password you
enter determines the capability you have during that session:
■ Entering the manager password gives you full read/write/troubleshooting
capabilities
■ Entering the operator password gives you read and limited trouble-
shooting capabilities.
Using a User Name
If you also set user names in the web browser interface screen, you must
supply the correct user name for web browser interface access. If a user name
has not been set, then leave the User Name field in the password window
blank.
Note that the Command Prompt and switch console interfaces use only the
password, and do not prompt you for the User Name.
If You Lose the Password
If you lose the passwords, you can clear them by pressing the Clear button on
the front of the switch. This action deletes all password and user name
protection from all of the switch’s interfaces.
5-10
Using the Web Browser Interface
Tasks for Your First Web Browser Interface Session
The Clear button is provided for your convenience, but its presence means
that if you are concerned with the security of the switch configuration and
operation, you should make sure the switch is installed in a secure location,
such as a locked wiring closet. (For more information, refer to “Front Panel
Security” in the chapter titled “Configuring Username and Password Security” in the Access Security Guide for your switch.)
Online Help for the Web Browser Interface
Online Help is available for the web browser interface. You can use it by
clicking on the question mark button in the upper right corner of any of the
web browser interface screens.
The Help Button
Figure 5-5. The Help Button
Context-sensitive help is provided for the screen you are on.
Note To access the online Help for the web browser interface, you need either
ProCurve Manager (version 1.5 or greater) installed on your network or an
active connection to the World Wide Web. Otherwise, Online help for the web
browser interface will not be available.
For more on Help access and operation, refer to “Help and the Management
Server URL” on page 5-13.
5-11
Using the Web Browser Interface
Support/Mgmt URLs Feature
Support/Mgmt URLs Feature
The Support/Mgmt URLs window enables you to change the World Wide Web
Universal Resource Locator (URL) for two functions:
■ Support URL – A support information site for your switch
■ Management Server URL – The web site for web browser online Help
3. Enter one of the following (or use the default setting):
– The URL for the support information source you want the switch to access
when you click on the web browser interface Support tab. The default is the
URL for the ProCurve Networking home page.
– The URL of a PCM (ProCurve Network Manager) workstation or other server
for the online Help files for this web browser interface. (The default setting
accesses the switch’s browser-based Help on the ProCurve World Wide
Web site.) Note that if you install PCM in your network, the PCM
management station acts as the web browser Help server and automatically
inserts the necessary URL in this field.)
1. Click Here
2. Click Here
4. Click on Apply Changes
Figure 5-6. The Default Support/Mgmt URLs Window
5-12
Using the Web Browser Interface
Support/Mgmt URLs Feature
Support URL
This is the site the switch accesses when you click on the Support tab on the
web browser interface. The default URL is:
http://www.procurve.com
which is the World Wide Web site for ProCurve networking products. Click
on technical support on that page to get support information regarding your
switch, including white papers, software updates, and more.
As an alternative, you can replace the ProCurve URL with the URL for a local
site used for logging reports on network performance or other support activities.
Help and the Management Server URL
The Management Server URL field specifies the URL the switch uses to find
online Help for the web browser interface.
■ If you install PCM (ProCurve Manager) in your network, the PCM manage-
ment station acts as the web browser Help server for the switch and
automatically inserts the necessary URL in this field.)
■ In the default configuration (and if PCM is not running on your network)
this field is set to the URL for accessing online Help from the ProCurve
Networking web site:
http://www.hp.com/rnd/device_help
Using this option, the Help files are automatically available if your workstation can access the World Wide Web. In this case, if Online Help fails
to operate, ensure that the above URL appears in the Management Server
URL field shown in figure 5-7:
5-13
Using the Web Browser Interface
Support/Mgmt URLs Feature
In the default configuration, the switch uses the URL for
accessing the web browser interface help files on the
ProCurve World Wide Web site.
Figure 5-7. How To Access Web Browser Interface Online Help
Using the PCM Server for Switch Web HelpWeb Help
For ProCurve devices that support the "Web Help" feature, you can use the
PCM server to host the switch help files for devices that do not have HTTP
access to the HP Support Web site.
1. Go to the HP Support web site to get the Device HelpDevice Help files:
http://www.hp.com//rnd/device_help/
2. Copy the Web help files to the PCM server, under:
C:\\program files\hewlett-packard\pnm\server\webroot\
rnd\sevice_help\help\hpwnd\webhelp
3. Add an entry, or edit the existing entry in the Discovery portion of the
global properties (globalprops.prp) in PCM to redirect the switches to the
help files on the PCM server. For example:
Global {
TempDir=data/temp
...
Discovery{
...
...
DeviceHelpUrlRedirect=http://15.29.37.12.8040/rnd/device_help
...
}
5-14
Using the Web Browser Interface
Support/Mgmt URLs Feature
}
You will enter the IP address for your PCM server. 8040 is the standard port
number to use.
4. Restart the Discovery process for the change to be applied.
Note Changing the Discovery’s Global properties file will redirect the Device Help
URL for all devices.
If you just want to change the Device Help URL for a particular device, then
go to the Configuration tab on the Web UI for that device and select the
"Support/Mgmt URL" button. Edit the entry in the "Management Server URL"
field for the device to point to the PCM server; for example:
http://15.29.37.12.8040/rnd/device_help
5-15
Using the Web Browser Interface
Status Reporting Features
Status Reporting Features
Browser elements covered in this section include:
■ The Overview window (below)
■ Port utilization and status (page 5-17)
■ The Alert log (page 5-20)
■ The Status bar (page 5-22)
The Overview Window
The Overview Window is the home screen for any entry into the web browser
interface.The following figure identifies the various parts of the screen.
Alert Log
Control Bar
Port Utilization Graphs
(page 5-17)
Active Tab
Active Button
Alert Log
(page 5-20)
Port Status
Indicators
(page 5-19)
Button Bar
Tab Bar
Status Bar
(page 5-22)
Figure 5-8. The Status Overview Window
Policy Management and Configuration. PCM can perform network-wide
policy management and configuration of your switch. The Management Server
URL field (page 5-13) shows the URL for the management station performing
that function. For more information, refer to the documentation provided with
the PCM software.
5-16
Loading...