RUCKUS | PLUME | IGNITENET | DISTRIBUUTOR | WI-FI EKSPERT | ÜRITUSTE INTERNET | 25 AASTAT KOGEMUST

Ruckus ICX switchide seadistamine
Ruckus ICX switchide seadistamine
  sildid: -
  06/05/2019

Juurdepääsu tekitamine

Esmalt ühendume ICX switchi külge läbi konsooli. Füüsilise ühenduse loome tavalise USB kaabliga, mille switchi poolne pistik on USB-C, ehk sama kaabel, mida kasutatakse uuemate telefonide laadimiseks.

Esimese seadistusena määrame switchile management IP ning aktiveerime veebiliidese. Mgmt IP'ks saab 192.168.3.19, subnet /24, gateway 192.168.3.1 ning loome sertifikaadi.

ICX7150-C12 Switch>enable
No password has been assigned yet…
ICX7150-C12 Switch#configure terminal
ICX7150-C12 Switch(config)#ip address 192.168.3.19/24
ICX7150-C12 Switch(config)#ip default-gateway 192.168.3.1
ICX7150-C12 Switch(config)#crypto-ssl certificate generate
Creating certificate, please wait…

ICX7150-C12 Switch(config)#
ssl-certificate creation is successful
crypto-ssl certificate generate secret_data

Loome kasutaja 'ruckus' parooliga 'ruckus'. Switchi nimeks saab '3K_ICX' ning käsuga 'write mem' kirjutame seaded mällu.

ICX7150-C12 Switch(config)#username ruckus password ruckus
ICX7150-C12 Switch(config)#aaa authentication login default local
ICX7150-C12 Switch(config)#aaa authentication web-server default local
ICX7150-C12 Switch(config)#web-management https

ICX7150-C12 Switch(config)#hostname 3K_ICX
3K_ICX(config)#enable telnet authentication
3K_ICX(config)#enable aaa console
3K_ICX(config)#write mem
There is no startup config file, unable to save legacy config
Flash Memory Write (8192 bytes per dot)
.
Write startup-config done.
Copy Done.
3K_ICX(config)#

Nüüd pääseb switchile ligi üle veebiliidese:

Selleks, et aktiveerida ssh ligipääs üle mgmt lingi, tuleb luua võtmepaar:

3K_ICX(config)#crypto key generate rsa modulus 2048
3K_ICX(config)#
Creating RSA key pair, please wait…
RSA Key pair is successfully created
3K_ICX(config)#

VLANide loomine

Vlane saab lisada hulgi, st sarnaste seadistustega vlane ei pea ühekaupa tekitama ja seadistama. See võimalus aitab kokku hoida palju aega ja vaeva.
Lisame VLAN-id vahemikus 21-40 ning määrame need pordile 1/1/3

SSH@3K_ICX>enable
No password has been assigned yet...
SSH@3K_ICX#conf t
SSH@3K_ICX(config)#vlan 21 to 40 #Siin lisame vlanid 21-40
SSH@3K_ICX(config-mvlan-21-40)#tag
tagged 802.1Q tagged port
SSH@3K_ICX(config-mvlan-21-40)#tagged ethernet 1/1/3 #Siin lisame vlani'd switchi pordile 1/1/3
SSH@3K_ICX(config-mvlan-21-40)#Added tagged port(s) ethe 1/1/3 to port-vlan 21.
Added tagged port(s) ethe 1/1/3 to port-vlan 22.
Added tagged port(s) ethe 1/1/3 to port-vlan 23.
Added tagged port(s) ethe 1/1/3 to port-vlan 24.
Added tagged port(s) ethe 1/1/3 to port-vlan 25.
Added tagged port(s) ethe 1/1/3 to port-vlan 26.
Added tagged port(s) ethe 1/1/3 to port-vlan 27.
Added tagged port(s) ethe 1/1/3 to port-vlan 28.
Added tagged port(s) ethe 1/1/3 to port-vlan 29.
Added tagged port(s) ethe 1/1/3 to port-vlan 30.
Added tagged port(s) ethe 1/1/3 to port-vlan 31.
Added tagged port(s) ethe 1/1/3 to port-vlan 32.
Added tagged port(s) ethe 1/1/3 to port-vlan 33.
Added tagged port(s) ethe 1/1/3 to port-vlan 34.
Added tagged port(s) ethe 1/1/3 to port-vlan 35.
Added tagged port(s) ethe 1/1/3 to port-vlan 36.
Added tagged port(s) ethe 1/1/3 to port-vlan 37.
Added tagged port(s) ethe 1/1/3 to port-vlan 38.
Added tagged port(s) ethe 1/1/3 to port-vlan 39.
Added tagged port(s) ethe 1/1/3 to port-vlan 40.
SSH@3K_ICX(config-mvlan-21-40)#spanning-tree 802-1w # Käivitame Spanning Tree Protocol'i protsessi switchis
SSH@3K_ICX(config-mvlan-21-40)#
SSH@3K_ICX(config-mvlan-21-40)#spanning-tree 802-1w ethernet 1/1/3 admin-pt2pt-mac # Määrame pordi 1/1/3 admin point-to-point lingiks, pordil on Rapid STP

VLANe saab luua hulgi ka teise süntaksiga. Lisame VLANid 2, 4, 6, 8 ja 10.

SSH@3K_ICX#conf t
SSH@3K_ICX(config)#vlan 2 4 6 8 10
SSH@3K_ICX(config-mvlan-2*10)#tagg
tagged 802.1Q tagged port
SSH@3K_ICX(config-mvlan-2*10)#tagged ethernet 1/1/4
SSH@3K_ICX(config-mvlan-2*10)#Added tagged port(s) ethe 1/1/4 to port-vlan 2.
Added tagged port(s) ethe 1/1/4 to port-vlan 4.
Added tagged port(s) ethe 1/1/4 to port-vlan 6.
Added tagged port(s) ethe 1/1/4 to port-vlan 8.
Added tagged port(s) ethe 1/1/4 to port-vlan 10.
SSH@3K_ICX(config-mvlan-2*10)#

Hiljem on võimalik seaded kontrollida:

System-max vlan Params: Max(4095) Default(64) Current(64)
Default vlan Id :1
Total Number of Vlan Configured :26
VLANs Configured :1 to 2 4 6 8 10 21 to 40
SSH@3K_ICX#
SSH@3K_ICX#show interfaces ethernet 1/1/4
GigabitEthernet1/1/4 is down, line protocol is down
Port down for 20 minute(s) 9 second(s)
Hardware is GigabitEthernet, address is d4c1.9e94.1617 (bia d4c1.9e94.1617)
Configured speed auto, actual unknown, configured duplex fdx, actual unknown
Configured mdi mode AUTO, actual unknown
Member of 5 L2 VLANs, port is tagged, port state is BLOCKING
BPDU guard is Disabled, ROOT protect is Disabled, Designated protect is Disabled
Link Error Dampening is Disabled
STP configured to ON, priority is level0, mac-learning is enabled

Siin näeme, et lisaks default VLAN 1-le on loodud VLAN-id 2 4 6 8 10 21 kuni 40, millest 5 VLAN-i on määratud pordile 1/1/4.


Autor: Tech Support
LOE EDASI
support@3kgroup.ee