HP Aruba 2530 Network Switch VLAN Configuration
What is VLAN?
A virtual Local Area Network can be described as any broadcast domain that is partitioned and isolated at the data link layer (OSI layer 2) of a computer network. Virtual in this context refers to physical network objects altered or recreated using additional programming logic.
VLAN works by applying tags to network packets and managing the handling of these tags in the network, creating the appearance and functionality of network traffic split between separate networks on the same physical switch.
Advantages of using this technology include simpler networks without the need for multiple cable runs, traffic management, security, and lower cost of implementation, since there is no need to buy multiple switches.
Precautions are required to prevent an exploit called VLAN hopping, where traffic can “escape” a given VLAN.
More sophisticated switches can mark data frames through VLAN tagging, enabling a single interconnect (Trunk) to transport data to multiple VLANs. Since VLANs share common bandwidth, a VLAN trunk utilizes link aggregation, Quality-of-Service (QoS) prioritization or both to route data efficiently.
VLANs are useful for partitioning a local network into several distinct segments, for instance:
· Voice over IP
· Network management
· Storage area network (SAN)
· Guest Internet access network
· Demilitarized zone (DMZ)
· Client separation (ISP in a datacentre or large facility)
This document demonstrates the processes required for layer 2 switching using an HP 48-port smart switch, which is trunked for failover load balancing.
An overview of the steps is as follows:
· Initial Set Up – Naming the switch, creating a secure password, adding an IP address and upgrading the firmware.
· Creating VLANs
· Port Set Up – Tagging and untagging ports.
· Uplinking Switches – Connecting the switches to the live network and patching any ports.
Establishing Connection to HP Aruba 2530 Smart Switch
For this task, we’ll be using the HP Aruba 2530 smart switch pictured above, with 48 ports and a console management port.
1. If you know the IP address of the switch, you can access it using the address in a browser. If, however, you do not know the IP, you can connect using a serial to USB cable connected to the console port and running an SSH session using PuTTY CLI on port number 22.
You can download PuTTY here: https://www.ssh.com/ssh/putty/download
2. Once your computer is connected to the switch via PuTTY, you will see the interface below. Pressing Enter twice will load up the initial configuration screen, displaying the device information.
3. You can check the current configuration by typing the command: Show running-config or sh run
Notice the result of your command as shown above: the Hostname, the VLAN details, which include the “DEFAULT_VLAN”, the number of untagged ports and the IP address type (usually acquired via DHCP-BOOTP) are displayed on your PuTTY screen.
4. To make any changes, such as creating VLANs, names, passwords and trunks, you’ll need to access the configuration mode of the switch by typing in the command: Conf t
Notice the (config)# line to confirm.
5. Next, you’ll have to enable SSH for access using the following commands. Making sure you are in config mode for this to work, type: crypto key generate ssh
Then type the next command, ip ssh, and press Enter.
Upgrading the Firmware on the HP Smart Switch
Part of the set-up process involves checking that the firmware is up to date and upgrading if required.
Some prerequisites are required before an upgrade can be carried out:
· Installation of a TFTP server (SolarWinds).
· Download the firmware from the HPE website using a registered account.
· Put the firmware file in the root folder of the TFTP software as seen in software options.
6. Once all the steps are complete, run the command: Copy tftp flash xxx.xxx.xxx.xxx FILENAME.SWI
Once the command is successful, validation and writing system software to flash will begin.
7. Still in Config mode, check the firmware status of the switch with the command: sh flash
You’ll see the primary image, secondary image, date and version of the firmware installed with the current boot image.
8. The next step involves copying the primary image to the secondary: Copy flash flash secondary
Notice that the secondary now matches the primary in date and version.
Naming and Creating Password for the HP Smart Switch
If you work in an environment such as a datacentre with multiple switches managing multiple hosts, it’s a good idea to name the switches installed for easy identification and management.
To do this, still in config mode, type in the command: Hostname “NAME OF SWITCH”, not forgetting to put your chosen name in quotation marks, and press Enter. You’ll notice Name of Switch(config)# appear on the next command line.
We are now ready to create a password for management of the switch using the following command: Password Operator user-name Operator. You will get a prompt on the next line to enter and confirm your chosen password. Bear in mind that the Operator is a read-only user.
The ability to read/write changes requires creating a Manager password with the following command: Password Manager user-name Manager. Enter your password and confirm to complete the process.
Creating VLANs on the HP Smart Switch
By default, the switch comes with VLAN1, all ports untagged and no IP address. If you type the sh run command and have already set up your operator and manager passwords, details will be displayed.
9. To edit the VLAN, type vlan 1 and press Enter to drill down into vlan-1. You can name it with the command: Name “VLAN Name or Number”, and give it an IP address with the command: ip address / subnet mask
Execute the sh run command again to see the new configuration interface and check your settings.
10. We can now create other VLANs using the same steps as above. Press Ctrl+Z to go back into config mode or type the command conf t as we did at the beginning. You can call it VLAN2, name it, assign an IP address and subnet mask and check the configuration.
NOTE: A very important command to remember is WR MEM, which saves all your configurations. It’s a good idea to get into the habit of running this command any time you make changes.
Switch Port Configuration Descriptions
Switches come with varying numbers of ports, from small 8-port, 12-port and 24-port models to large 48-port ones. These ports all come untagged by default, and tagging can be configured depending on the use case.
Untagged: This is a physical member of a VLAN, and a port can only be untagged in one VLAN.
Tagged: This is a port that will carry traffic for multiple VLANs to other networking devices. Ports can be tagged into many VLANs.
11. The next section will explore the process of untagging ports in the new VLAN2 we created in the steps above:
Conf t
Vlan 2
Untagged “Port Numbers”
eg. Port 14
The example above, for a 24-port switch, after running our commands and sh run, displays the 2 VLANs available, with port 14 untagged in vlan2 while ports 1-13 and 15-24 are untagged in vlan1.
12. Using VLAN2 as our example, we can tag ports using the following commands:
Conf t
Vlan 2
Tagged “Port number” eg. Port 15
Notice that this time vlan2 has port 15 tagged and port 14 untagged from our previous command.
REMEMBER: Always run the command WR MEM each time you make any changes, as all configurations will be lost if the switch is rebooted.
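The port membership produced by steps 11 and 12 can be checked from saved sh run output. The Python below is an added example, not part of the original article or HP's tooling; it assumes numeric port names and the stanza layout of the constructed SAMPLE_CONFIG, and it lists tagged ports that are still untagged in the default VLAN, a common hardening check related to the VLAN hopping precaution mentioned earlier.

```python
import re

# Constructed sample in the layout of `sh run` output (assumption: one stanza
# per VLAN closed by "exit", numeric port names); it mirrors steps 11 and 12.
SAMPLE_CONFIG = """\
vlan 1
   name "DEFAULT_VLAN"
   untagged 1-13,15-24
   no untagged 14
   exit
vlan 2
   name "VLAN2"
   untagged 14
   tagged 15
   exit
"""

def expand_ports(spec):
    """Turn a port list such as '1-13,15-24' into a set of port numbers."""
    ports = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

def parse_vlans(config):
    """Return {vlan_id: {'untagged': set, 'tagged': set}} for each VLAN stanza."""
    vlans, current = {}, None
    for line in config.splitlines():
        text = line.strip()
        if m := re.fullmatch(r"vlan (\d+)", text):
            current = vlans.setdefault(int(m.group(1)), {"untagged": set(), "tagged": set()})
        elif text == "exit":
            current = None
        elif current is not None and (m := re.fullmatch(r"(untagged|tagged) (\S+)", text)):
            current[m.group(1)] |= expand_ports(m.group(2))
    return vlans

def trunks_on_default_vlan(config, default_vlan=1):
    """List tagged ports whose untagged VLAN is still the default VLAN."""
    vlans = parse_vlans(config)
    native = {p: vid for vid, m in vlans.items() for p in m["untagged"]}
    tagged = set().union(*(m["tagged"] for m in vlans.values()))
    return sorted(p for p in tagged if native.get(p) == default_vlan)

if __name__ == "__main__":
    print(trunks_on_default_vlan(SAMPLE_CONFIG))
```

For the sample it reports port 15, which carries VLAN 2 tagged while remaining untagged in DEFAULT_VLAN alongside every port that was never moved out of it.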
HP Switch Useful CLI Commands
There are some commands that come in handy as a network administrator when managing switches. Typing Help as usual will bring up a list of possible commands you can execute.
If, however, you know part of a command, type a few characters and press the Tab key to autocomplete the rest. Explore the following command list:
#Hostname <hostname> -- Set switch hostname
#Ping <IP Address> -- Ping IP addresses
#Chassislocate -- Turn on/off switch locator LED or blink it (30 minutes)
#Chassislocate Blink -- Blink switch locator LED set time in minutes
#NTP1 <Time Server Name> -- Add time server to NTP server list
#Timesync ntp -- Enable NTP synchronization with servers
#Password operator -- Set operator password (Normal user / Read only)
#Password manager -- Set manager password (Admin user / read-write)
#Password all -- Set password for operator and manager
#Enable -- Switch to manager level from operator level
#Exit -- Exit current level
#Logout -- Logout of the switch
#Wr mem -- Saves configuration to flash
#Conf t -- Enter configuration mode
#Untagged <Port Numbers> -- Untags a port from a VLAN
#Tagged <Port Numbers> -- Tags a port to a VLAN
#int <Port Number> disable/enable -- Disables or enables a port
Final Thoughts
We hope you found this article useful as a guide to basic VLAN configuration on an HP smart switch. Other advanced configurations are available, such as configuring VLAN trunks for connecting two switches in failover scenarios.
Do leave some comments on other ways to perform this task to help other students learn more.
Thank you for investing your time with us.
Written By: www.codexploitcybersecurity.com Twitter: @ixploitsecurity Facebook: https://www.facebook.com/icybersecure
Credits to all organisations and development teams at HP Enterprise Solutions
2 Comments:
Great information from this blog. Buy actual Remote Aruba LAN Switch Configuration (Standard Features) at https://www.sancuro.com/services/aruba-lan-switch-lan-switch-configuration-standard-features with the best pricing.
Aruba Switches. Next Generation Access and Aggregation Switches. Aruba 2530 is a great series of switches and this series are scalable, secure, and feature HPE Smart Rate multi-gigabit ports for high-speed connectivity. Check out our latest and discounted Products at Online Web Store DC Supplies. DC Supplies has a great variety of Aruba 2530 series switches as well as other networking products.