aruba交换机配置实战篇.docx
《aruba交换机配置实战篇.docx》由会员分享,可在线阅读,更多相关《aruba交换机配置实战篇.docx(15页珍藏版)》请在冰豆网上搜索。
aruba交换机配置实战篇
一,忘记密码按以下操作
超级账号密码
password
forgetme!
!
Admin密码修改
ArubaS2500-24P)(config)#mgmt-useradminroot
Password:
********//admin123!
Re-Typepassword:
********//admin123!
(ArubaS2500-24P)(config)#end
Enable密码重新设置
(ArubaS2500-24P)(config)#enablesecret?
secretEntertheenablepassword
(ArubaS2500-24P)(config)#enablesecret
Password:
******、直接输入新密码、
Re-Typepassword:
******再次输入
这个账号只能用于需改密码,需要配置的话要退出用admin账号进入才能操作
二,交换机初始化
<<<<>>>>
User:
admin
Password:
********///admin123//默认密码
(ArubaS2500-24P)>enable
Password:
******//enable
Quick-setuphelpsinsettingthebasicconfigurationofthesystem
Autoconfigurationofsystemwillbestopped,ifQuick-setupislaunchedbyuser
InvokeQuick-setup(y|n)[y]:
y
*****************WelcometotheArubaS2500-24Psetupdialog*****************
Thisdialogwillhelpyoutosetthebasicconfigurationfortheswitch.
Thesesettings,exceptfortheCountryCode,canlaterbechangedfromthe
CommandLineInterfaceorGraphicalUserInterface.
Commands:
Submitinputoruse[defaultvalue],Help
Back,Forward,Linebegin,Lineend
Delete,Deleteback,Deletetoendofline
Previousquestion,Restartbeginning,toexit
EnterSystemname[ArubaS2500-24P]:
aruba2500-xmu-2f
ConfigureinbandmanagementVLAN[yes|no]:
yes是否开启管理VLAN
Inbandmanagementvlanid[1]:
711管理VLAN段
EnterthememberinterfacesformanagementVLAN(Example0/0/0,0/0/1):
0/0/23,0/1/1添加需要trunk的端口
EntermanagementVLANIPaddress[172.16.0.254]:
172.31.11.2管理ip
EntermgmtVLANinterfacesubnetmask[255.255.255.0]:
回车
EnterOutofbandmanagementinterfaceIPaddress[none]:
回车
EnterIPDefaultgateway[none]:
172.31.11.1网关
EnterCountrycode(ISO-3166),forsupportedlist:
CN中国
YouhavechosenCountrycodeCNforChina(yes|no)?
:
yes
EnterTimeZone[PST-8:
0]:
CST+8:
0
EnterTimeinUTC[03:
48:
15]:
EnterDate(MM/DD/YYYY)[7/4/2013]:
EnterPasswordforadminlogin(upto32chars):
*********//admin123!
Re-typePasswordforadminlogin:
*********//admin123!
EnterPasswordforenablemode(upto15chars):
******//enablle
Re-typePasswordforenablemode:
******//enable
Currentchoicesare:
Systemname:
aruba2500-xmu-2f
ConfigureinbandmanagementVLAN:
yes
vlanidforinbandmanagement[1-4094]:
711
MembersinterfacesofmanagementVLAN:
0/0/23,0/1/1
IPaddressofmanagementVLAN:
172.31.11.2
ManagementVLANinterfacesubnetmask:
255.255.255.0
IPDefaultgateway:
172.31.11.1
Countrycode:
CN
TimeZone:
CST+8:
0
Typetogobackandchangeanswerforanyquestion
Doyouwishtoacceptthechanges(yes|no|abort):
yes
Creatingconfiguration...
Done.
Configuring...
SavingConfiguration...
ConfigurationSaved.
(aruba2500-xmu-2f)#configureter
EnterConfigurationcommands,oneperline.EndwithCNTL/Z
(aruba2500-xmu-2f)(config)#telnetcli//开启telnet功能
(aruba2500-xmu-2f)(config)#end
(aruba2500-xmu-2f)#showipinterfacebrief
InterfaceIPAddress/IPNetmaskAdminProtocol
vlan711172.31.11.2/255.255.255.0UpUp
mgmtunassigned/unassignedUpDown
(aruba2500-xmu-2f)#ping172.31.11.1
Press'q'toabort.
Sending5,100-byteICMPEchosto172.31.11.1,timeoutis2seconds:
.....
Successrateis0percent(0/5)
(aruba2500-xmu-2f)#ping172.31.11.1
(aruba2500-xmu-2f)#configureter
(aruba2500-xmu-2f)(config)#interface-groupgigabitethernetap创建端口组
(aruba2500-xmu-2f)(gigabitethernet"ap")#apply-to0/0/0-0/0/23把0/0/0-0/0/23加入组中
(aruba2500-xmu-2f)(gigabitethernet"ap")#exit
(aruba2500-xmu-2f)(switchingprofile"ap")#vlan712创建vlan712(我给AP用的)
(aruba2500-xmu-2f)(VLAN"712")#exit
(aruba2500-xmu-2f)(config)#interface-profileswitching-profileap
(aruba2500-xmu-2f)(switchingprofile"ap")#access-vlan712关联
(aruba2500-xmu-2f)(switchingprofile"ap")#exit
(aruba2500-xmu-2f)(config)#interface-profilepoe-profileap
(aruba2500-xmhu-2f)(PoweroverEthernetprofile"ap")#enable开启POE供电功能
(aruba2500-xmu-2f)(PoweroverEthernetprofile"ap")#exit
(aruba2500-xmu-2f)(config)#interface-groupgigabitethernetap
(aruba2500-xmu-2f)(gigabitethernet"ap")#switching-profileap应用到端口
(aruba2500-xmu-2f)(gigabitethernet"ap")#poe-profileap应用到端口
(aruba2500-xmu-2f)(gigabitethernet"ap")#end
如果想把那个端口trunk,可以这样
(aruba2500-xmu-2f)(config)#interfaceg0/0/2
(aruba2500-xmu-2f)#switching-profileUpstream-profile
删除的话就加no
(aruba2500-xmu-2f)#noswitching-profileUpstream-profile
如果要把那个端口加入vlan20
(aruba2500-xmu-2f)#vlan20
(aruba2500-xmu-2f)(VLAN"20")#exit
(aruba2500-xmu-2f)(config)#interface-profileswitching-profile20
(aruba2500-xmu-2f)(switchingprofile"ap")#access-vlan20
(aruba2500-xmu-2f)(config)#interfaceg0/0/2
(aruba2500-xmu-2f)#switching-profile20
删除就加no
(aruba2500-xmu-2f)#noswitching-profile20或者
(aruba2500-xmu-2f)#noswitching-profile
三,升级配置把网线接到23口,电脑开启tftp服务器软件
ArubaS2500-24P)(config)#interface-profileswitching-profileftp//--创建模板FTP
(ArubaS2500-24P)(switchingprofile"ftp")#access-vlan1关联vlan1
(ArubaS2500-24P)(switchingprofile"ftp")#exit
(ArubaS2500-24P)(config)#interfacegigabitethernet0/0/23
(ArubaS2500-24P)(gigabitethernet"0/0/23")#switching-profileftp//启用ftp
(ArubaS2500-24P)(gigabitethernet"0/0/23")#exit
(ArubaS2500-24P)(config)#interfacevlan1
(ArubaS2500-24P)(vlan"1")#ipaddress10.0.0.1255.0.0.0
(ArubaS2500-24P)(vlan"1")#exit
(ArubaS2500-24P)(config)#end
(ArubaS2500-24P)#ping10.0.0.5
(ArubaS2500-24P)#
(ArubaS2500-24P)#
(ArubaS2500-24P)#copyftp:
10.0.0.5adminArubaOS_MAS_7.2.2.1_38712system:
partition0
Password:
******//---admin和密码是ftp的用户名和没密码,10.0.0.5是电脑的ip
Press'q'toabort.
Copyingfile:
............................................................
Filecopiedsuccessfully.
Savingfiletoflash:
...
Member-0:
Thesystemwillbootfrompartition0duringthenextreboot.
(ArubaS2500-24P)#re?
reloadColdstarttheswitch
renamerenameafile
restorerestorefileorconfiguration
(ArubaS2500-24P)#reload
Doyouwanttosavetheconfiguration(y/n):
n
Doyoureallywanttorestartthesystem(y/n):
y
Systemwillnowrestart!
Shutdownprocessingstarted
(aruba2500-xmu-2f)#writememory保存
SavingConfiguration...
ConfigurationSaved.
(aruba2500-xmu-2f)#showrunning-config
BuildingConfiguration...
#
#ConfigurationfileforArubaOS
version7.2
enablesecret"******"
telnetcli
hostname"aruba2500-xmu-2f"
clocktimezoneCST8
location"Building1.floor1"
controllerconfig3
ipaccess-listethvaliduserethacl
permitany
!
!
!
ipaccess-liststatelessdns-acl-stateless
anyanysvc-dnspermit
!
ipaccess-liststatelesshttp-acl-stateless
anyanysvc-httppermit
!
ipaccess-liststatelesshttps-acl-stateless
anyanysvc-httpspermit
!
ipaccess-liststatelessicmp-acl-stateless
anyanysvc-icmppermit
!
ipaccess-liststatelesslogon-control-stateless
anyanysvc-icmppermit
anyanysvc-dnspermit
anyanysvc-dhcppermit
anyanysvc-nattpermit
!
ipaccess-listsessionvaliduser
network169.254.0.0255.255.0.0anyanydeny
anyanyanypermit
ipv6aliasany6aliasany6anypermit
!
user-roleauthenticated
access-liststatelessallowall-stateless
!
user-roledenyall
!
user-roleguest
access-liststatelesshttp-acl-stateless
access-liststatelesshttps-acl-stateless
access-liststatelessdhcp-acl-stateless
access-liststatelessicmp-acl-stateless
access-liststatelessdns-acl-stateless
!
user-rolelogon
access-liststatelesslogon-control-stateless
!
!
cryptoipsectransform-setdefault-boc-bm-transformesp-3desesp-sha-hmac
cryptoipsectransform-setdefault-rap-transformesp-aes256esp-sha-hmac
cryptoisakmpeap-passthrougheap-tls
cryptoisakmpeap-passthrougheap-peap
cryptoisakmpeap-passthrougheap-mschapv2
mgmt-useradminroot9a05893a01941ea9fadbe8f7f92075bc5b5c8189ef96622520
nofirewallattack-ratecp1024
ipv6firewallext-hdr-parse-len100
!
!
firewallcp
packet-capture-defaultstcpdisableudpdisablesysmsgdisableotherdisable
!
ipdomainlookup
!
countryCN
aaaauthenticationmac"default"
!
aaaauthenticationdot1x"default"
!
aaaserver-group"default"
auth-serverInternal
setroleconditionrolevalue-of
!
aaaprofile"default"
!
aaaauthenticationcaptive-portal"default"
!
aaaauthenticationvpn"default"
!
aaaauthenticationmgmt
!
aaaauthenticationwired
!
web-server
!
aaapassword-policymgmt
!
traceoptions
!
qos-profile"default"
!
policer-profile"default"
!
ip-profile
default-gateway172.31.11.1
!
lcd-menu
!
interface-profileospf-profile"default"
area0.0.0.0
!
interface-profilepim-profile"default"
!
interface-profileigmp-profile"default"
!
stack-profile
!
ipv6-profile
!
interface-profileswitching-profile"ap"
access-vlan712
!
interface-profileswitching-profile"default"
!
interface-profileswitching-profile"Upstream-profile"
switchport-modetrunk
!
interface-profilepoe-profile"ap"
enable
!
interface-profilepoe-profile"default"
!
interface-profilepoe-profile"poe-factory-initial"
enable
!
interface-profileenet-link-profile"default"
!
interface-profilelldp-profile"default"
!
interface-profilelldp-profile"lldp-factory-initial"
lldptransmit
lldpreceive
medenable
!
interface-profilemstp-profile"default"
!
interface-profilepvst-port-profile"default"
!
vlan-profilemld-snooping-profile"default"
!
vlan-profileigmp-snooping-profile"default"
!
vlan-profileigmp-snooping-profile"igmp-snooping-factory-initial"
!
spanning-tree
modemstp
!
gvrp
!
mstp
!
lacp
!
vlan"1"
igmp-snooping-profile"igmp-snooping-factory-i
升级会员 