Solved

Configure HP 5500 Switch with Comware

Posted on 2016-10-07
15
48 Views
Last Modified: 2016-10-13
I have replaced HP Procurve Switches (ProVision for CLI) with HP A5500 Switches (Comware for CLI).  

I've got all the manuals, but need to get a switch up and running quickly - faster than it seems I'm able to "learn" Comware commands.  These are much different than the ProVision CLI commands for the ProCurve switches.

Right now, I'm using PuttY (via Serial connection to my PC) to get in to the switch.  I'd like to configure it as follows:

1) Rename the Switch to:  TRE BASEMENT 1
2) Setup an Administrative Username and Password:
          a) Username:     Admin
          b) Password:      ( I can fill this in after shown correct command )
          c) This user must have top level access
3) Assign a Static IP to the Switch:       10.18.80.2
4) Assign a Static DNS to the Switch:   10.18.80.5
5) Enable Routing:
          Default Route:    10.18.80.1
6) Be able to Access the Switch via:
          a) GUI Interface through Browser using 10.18.80.2
          b) Telnet via IP address:  10.18.80.2

Set up the following VLan's:

VLan 1:
          Name:        Servers_80 VLan
                              10.18.80.254/24
                              VLan Tag = 80
                              Ports 41 & 42 are Tagged
                              Ports 1 thru 24 are Untagged
VLan 2:
          Name:        WAN_10 VLan
                              10.10.10.1/24
                              VLan Tag = 10
                              Ports 41 & 42 are Untagged

VLan 3:
          Name:        Internet_JonesTel VLan
                              10.18.1.2/24
0
Comment
Question by:baleman2
15 Comments
 
LVL 26

Expert Comment

by:Predrag Jovic
ID: 41835046
If you know Cisco or HP ProVision should be fast enough. You have it here:
HP Networking and Cisco CLI Reference Guide - Version 2
0
 

Author Comment

by:baleman2
ID: 41835097
This is documentation that I came across last evening after posting my request for assistance.  I'm trying to make my way through configuration now.

Some entries are still confusing to me.  Why must I create both a "VLAN" and a "VLAN INTERFACE"?

There will be servers "behind" this 5500 switch which must communicate with servers in our datacenter - servers which are behind an HP Procurve 2648 switch.  I need a static route between those 2 locations.

I'd like to be able to use the GUI interface to reach this new switch.  No configuration entries made thus far have allowed me to do so.

I thought I was upgrading when I purchased these new switches.  Haven't been impressed with them so far.
0
 

Author Comment

by:baleman2
ID: 41835232
Basic Switch Management:  Management Access

Right now, I'm still connecting via PC Serial Port to HP Console Port.

I've used the Comware commands for entering a "local-user", "simple" password, and "authorization-level 3".  Have saved the configuration and rebooted the switch.

After rebooting, no prompts for Username and/or Password are presented requiring entries.  This would indicate to me that ANYONE can get to the switch with no credentials.  

Am I missing something here?
0
 
LVL 26

Expert Comment

by:Predrag Jovic
ID: 41835819
Did you enable authentication on console and vty lines - reference guide pages 90 - 91.
0
 

Author Comment

by:baleman2
ID: 41835833
Am looking at those pages now.  If I follow the Comware column's instructions explicitly, I'm making these entries from the initial prompt of the switch:  <HP> ?????

It looks as though the guide is creating a user named "manager" and enabling the "telnet" service.  Then, configuration continues for "user-interface vty 0 15".  How/Why/What is the significance of vty 0 15?  Why is that chosen?  Why not " vty 0 20"?  All of this seems so verbose compared to Provision CLI.

Regardless, once entered, should the "save" CLI command write this bit of configuration to the startup.cfg file?  Upon rebooting the switch, should I be prompted for the username and password?
0
 
LVL 26

Expert Comment

by:Predrag Jovic
ID: 41835837
In the case of Cisco devices by entering
line vty 0 ?
You can find out how many lines are enabled on device, so you can configure access on as many lines as you want and you can also disable other vty lines if you want to. It is up to you to configure vty lines however you find it is appropriate.
Most likely you should be prompt for credentials as soon as you configure vty line (after you disconnect current session and try to access device again), I don't think that reboot is necessary.
Sure you need to "save" otherwise changes that you make are removed after reboot of switch.
0
 

Author Comment

by:baleman2
ID: 41835869
Made all the entries per the manual under Comware column.  

All entries were accepted.  Saved the configuration.  Rebooted the switch.

No prompts were required to access the switch - not a username, not a password.

Screenshot attached showing access to the <HP> prompt.  Also, screenshot shows results after entering command:  display user-interface

Would I only receive a username and password prompt if I were logging in via "telnet".  Remember, right now I'm still using PC serial port to Switch Console Port for connectivity with PuttY.
0
Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

 

Author Comment

by:baleman2
ID: 41835870
Sorry, forgot the screenshot.
C--Users-dan-Desktop-VTY_Screenshot.JPG
0
 
LVL 26

Expert Comment

by:Predrag Jovic
ID: 41835875
VTY lines are for ssh and telnet, I guess that's what you configured, console access is typically separate option.
0
 

Author Comment

by:baleman2
ID: 41835877
So, do you think after configuring a Static IP address for the switch, and using telnet/ssh, I would get the prompts?
0
 
LVL 26

Expert Comment

by:Predrag Jovic
ID: 41835881
Yes, if properly configured (ssh need to be configured, telnet is enabled by default). So, try. :)
0
 
LVL 39

Expert Comment

by:noci
ID: 41836138
VLAN is need for a list of VLANS, a switch does not need an interface in all VLANs, most configs only have a VLAN in the management VLAN.
0
 
LVL 3

Accepted Solution

by:
Richard Murphy earned 500 total points
ID: 41838176
<HP> System-view
[HP] Sysname TRE BASEMENT 1
[HP] local-user <your username>
[HP-<your username>] password <your password>
[HP-<your username>] authorization-attribute level 3
[HP-<your username>] service-type ssh terminal telnet
[HP-<your username>] quit
[HP] Vlan 80
[HP-vlan80]Desc Servers_80 VLan
[HP-vlan80]quit
[HP] interface vlan 80
[HP-Vlan-interface80]ip address 10.18.80.2 24
[HP-Vlan-interface80] Desc Servers_80 VLan
[HP-Vlan-interface80] quit
[HP] Vlan 10
[HP-vlan10]Desc WAN_10 VLan
[HP-vlan10]quit
[HP] interface vlan10
[HP-Vlan-interface10]ip address   10.10.10.1 24
[HP-Vlan-interface10] Desc WAN_10 VLan
[HP-Vlan-interface10]quit
[HP]ip route-static 0.0.0.0 0.0.0.0 10.18.80.1
[HP]ip http enable
[HP]dns resolve
[HP] dns server 10.18.80.5
[HP] dns domain yourdomain.com

Ports are set up individually or via ranges Hybrid ports are my personal choice for both access and trunk

Example of Access
interface GigabitEthernet1/0/1
 port link-mode bridge
 port access vlan 100

example of Hybrid

interface GigabitEthernet1/0/1
 port link-mode bridge
 port link-type hybrid
 undo port hybrid vlan 1
 port hybrid vlan 15 tagged
 port hybrid vlan 4 untagged
 port hybrid pvid vlan 4

there is no elevation in this setup i.e config t
so the commands can be run from any level.

Hope this helps
0
 

Author Comment

by:baleman2
ID: 41838237
Richard:

I wrestled through config setup all this past weekend.  Ended up with something much like you've presented to me.  I installed the switch last night and experienced needed connectivity.

However, I'm going to closely compare my own config with what you've provided to possibly improve my own.  Will take a couple of days to do this.

THANK YOU FOR YOUR ASSISTANCE!!  Your example is exactly what I was looking for.  Will update this post in a couple of days.
0
 

Author Closing Comment

by:baleman2
ID: 41842204
Richard:

Exactly, precisely what I needed.  Thanks so much!
0

Featured Post

Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

Join & Write a Comment

Suggested Solutions

So, you're experiencing issues on your network and you've decided that you need to perform some tests to determine whether your cabling is good.  You're likely thinking that you may need to spend money which you probably don't have on hiring/purchas…
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now