Configure HP 5500 Switch with Comware

I have replaced HP Procurve Switches (ProVision for CLI) with HP A5500 Switches (Comware for CLI).  

I've got all the manuals, but need to get a switch up and running quickly - faster than it seems I'm able to "learn" Comware commands.  These are much different than the ProVision CLI commands for the ProCurve switches.

Right now, I'm using PuttY (via Serial connection to my PC) to get in to the switch.  I'd like to configure it as follows:

1) Rename the Switch to:  TRE BASEMENT 1
2) Setup an Administrative Username and Password:
          a) Username:     Admin
          b) Password:      ( I can fill this in after shown correct command )
          c) This user must have top level access
3) Assign a Static IP to the Switch:
4) Assign a Static DNS to the Switch:
5) Enable Routing:
          Default Route:
6) Be able to Access the Switch via:
          a) GUI Interface through Browser using
          b) Telnet via IP address:

Set up the following VLan's:

VLan 1:
          Name:        Servers_80 VLan
                              VLan Tag = 80
                              Ports 41 & 42 are Tagged
                              Ports 1 thru 24 are Untagged
VLan 2:
          Name:        WAN_10 VLan
                              VLan Tag = 10
                              Ports 41 & 42 are Untagged

VLan 3:
          Name:        Internet_JonesTel VLan
Who is Participating?
Richard MurphyConnect With a Mentor Senior Network AnalystCommented:
<HP> System-view
[HP] local-user <your username>
[HP-<your username>] password <your password>
[HP-<your username>] authorization-attribute level 3
[HP-<your username>] service-type ssh terminal telnet
[HP-<your username>] quit
[HP] Vlan 80
[HP-vlan80]Desc Servers_80 VLan
[HP] interface vlan 80
[HP-Vlan-interface80]ip address 24
[HP-Vlan-interface80] Desc Servers_80 VLan
[HP-Vlan-interface80] quit
[HP] Vlan 10
[HP-vlan10]Desc WAN_10 VLan
[HP] interface vlan10
[HP-Vlan-interface10]ip address 24
[HP-Vlan-interface10] Desc WAN_10 VLan
[HP]ip route-static
[HP]ip http enable
[HP]dns resolve
[HP] dns server
[HP] dns domain

Ports are set up individually or via ranges Hybrid ports are my personal choice for both access and trunk

Example of Access
interface GigabitEthernet1/0/1
 port link-mode bridge
 port access vlan 100

example of Hybrid

interface GigabitEthernet1/0/1
 port link-mode bridge
 port link-type hybrid
 undo port hybrid vlan 1
 port hybrid vlan 15 tagged
 port hybrid vlan 4 untagged
 port hybrid pvid vlan 4

there is no elevation in this setup i.e config t
so the commands can be run from any level.

Hope this helps
If you know Cisco or HP ProVision should be fast enough. You have it here:
HP Networking and Cisco CLI Reference Guide - Version 2
baleman2Author Commented:
This is documentation that I came across last evening after posting my request for assistance.  I'm trying to make my way through configuration now.

Some entries are still confusing to me.  Why must I create both a "VLAN" and a "VLAN INTERFACE"?

There will be servers "behind" this 5500 switch which must communicate with servers in our datacenter - servers which are behind an HP Procurve 2648 switch.  I need a static route between those 2 locations.

I'd like to be able to use the GUI interface to reach this new switch.  No configuration entries made thus far have allowed me to do so.

I thought I was upgrading when I purchased these new switches.  Haven't been impressed with them so far.
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

baleman2Author Commented:
Basic Switch Management:  Management Access

Right now, I'm still connecting via PC Serial Port to HP Console Port.

I've used the Comware commands for entering a "local-user", "simple" password, and "authorization-level 3".  Have saved the configuration and rebooted the switch.

After rebooting, no prompts for Username and/or Password are presented requiring entries.  This would indicate to me that ANYONE can get to the switch with no credentials.  

Am I missing something here?
Did you enable authentication on console and vty lines - reference guide pages 90 - 91.
baleman2Author Commented:
Am looking at those pages now.  If I follow the Comware column's instructions explicitly, I'm making these entries from the initial prompt of the switch:  <HP> ?????

It looks as though the guide is creating a user named "manager" and enabling the "telnet" service.  Then, configuration continues for "user-interface vty 0 15".  How/Why/What is the significance of vty 0 15?  Why is that chosen?  Why not " vty 0 20"?  All of this seems so verbose compared to Provision CLI.

Regardless, once entered, should the "save" CLI command write this bit of configuration to the startup.cfg file?  Upon rebooting the switch, should I be prompted for the username and password?
In the case of Cisco devices by entering
line vty 0 ?
You can find out how many lines are enabled on device, so you can configure access on as many lines as you want and you can also disable other vty lines if you want to. It is up to you to configure vty lines however you find it is appropriate.
Most likely you should be prompt for credentials as soon as you configure vty line (after you disconnect current session and try to access device again), I don't think that reboot is necessary.
Sure you need to "save" otherwise changes that you make are removed after reboot of switch.
baleman2Author Commented:
Made all the entries per the manual under Comware column.  

All entries were accepted.  Saved the configuration.  Rebooted the switch.

No prompts were required to access the switch - not a username, not a password.

Screenshot attached showing access to the <HP> prompt.  Also, screenshot shows results after entering command:  display user-interface

Would I only receive a username and password prompt if I were logging in via "telnet".  Remember, right now I'm still using PC serial port to Switch Console Port for connectivity with PuttY.
baleman2Author Commented:
Sorry, forgot the screenshot.
VTY lines are for ssh and telnet, I guess that's what you configured, console access is typically separate option.
baleman2Author Commented:
So, do you think after configuring a Static IP address for the switch, and using telnet/ssh, I would get the prompts?
Yes, if properly configured (ssh need to be configured, telnet is enabled by default). So, try. :)
nociSoftware EngineerCommented:
VLAN is need for a list of VLANS, a switch does not need an interface in all VLANs, most configs only have a VLAN in the management VLAN.
baleman2Author Commented:

I wrestled through config setup all this past weekend.  Ended up with something much like you've presented to me.  I installed the switch last night and experienced needed connectivity.

However, I'm going to closely compare my own config with what you've provided to possibly improve my own.  Will take a couple of days to do this.

THANK YOU FOR YOUR ASSISTANCE!!  Your example is exactly what I was looking for.  Will update this post in a couple of days.
baleman2Author Commented:

Exactly, precisely what I needed.  Thanks so much!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.