- Hewlett-Packard Switch User Manual
Table Of Contents
- HP ProCurve 2520 Switches Management and Configuration Guide
- Front Cover
- Title Page
- Copyright, Notices, & Publication Data
- Contents
- Feature Index
- 1.Getting Started
- 2.Selecting a Management Interface
- 3.Using the Menu Interface
- 4.Using the Command Line Interface (CLI)
- 5.Using the ProCurve Web Browser Interface
- 6.Switch Memory and Configuration
- 7.Interface Access and System Information
- 8.Configuring IP Addressing
- 9.Time Protocols
- 10.Port Status and Configuration
- Contents
- Overview
- Viewing Port Status and Configuring Port Parameters
- Menu: Port Status and Configuration
- CLI: Viewing Port Status and Configuring Port Parameters
- Customizing the Show Interfaces Command
- Viewing Port Utilization Statistics
- Viewing Transceiver Status
- Enabling or Disabling Ports and Configuring Port Mode
- Enabling or Disabling Flow Control
- Configuring a Broadcast Limit on the Switch
- Configuring ProCurve Auto-MDIX
- Web: Viewing Port Status and Configuring Port Parameters
- Using Friendly (Optional) Port Names
- 11.Power Over Ethernet (PoE) Operation
- 12.Port Trunking
- Contents
- Overview
- Port Trunk Features and Operation
- Trunk Configuration Methods
- Menu: Viewing and Configuring a Static Trunk Group
- CLI: Viewing and Configuring Port Trunk Groups
- Web: Viewing Existing Port Trunk Groups
- Trunk Group Operation Using LACP
- Trunk Group Operation Using the “Trunk” Option
- How the Switch Lists Trunk Data
- Outbound Traffic Distribution Across Trunked Links
- 13.Configuring for Network Management Applications
- Contents
- Using SNMP Tools To Manage the Switch
- LLDP (Link-Layer Discovery Protocol)
- Terminology
- General LLDP Operation
- Packet Boundaries in a Network Topology
- Configuration Options
- Options for Reading LLDP Information Collected by the Switch
- LLDP and LLDP-MED Standards Compatibility
- LLDP Operating Rules
- Configuring LLDP Operation
- LLDP-MED (Media-Endpoint-Discovery)
- Displaying Advertisement Data
- LLDP Operating Notes
- LLDP and CDP Data Management
- A.File Transfers
- B.Monitoring and Analyzing Switch Operation
- Contents
- Overview
- Status and Counters Data
- Menu Access To Status and Counters
- General System Information
- Task Monitor—Collecting Processor Data
- Switch Management Address Information
- Port Status
- Viewing Port and Trunk Group Statistics and Flow Control Status
- Viewing the Switch’s MAC Address Tables
- Spanning Tree Protocol (MSTP) Information
- Internet Group Management Protocol (IGMP) Status
- VLAN Information
- Web Browser Interface Status Information
- Interface Monitoring Features
- Locating a Device
- C.Troubleshooting
- Contents
- Overview
- Troubleshooting Approaches
- Browser or Telnet Access Problems
- Unusual Network Activity
- General Problems
- 802.1Q Prioritization Problems
- IGMP-Related Problems
- LACP-Related Problems
- Port-Based Access Control (802.1X)-Related Problems
- QoS-Related Problems
- Radius-Related Problems
- Spanning-Tree Protocol (MSTP) and Fast-Uplink Problems
- SSH-Related Problems
- TACACS-Related Problems
- TimeP, SNTP, or Gateway Problems
- VLAN-Related Problems
- Fan Failure
- Using the Event Log for Troubleshooting Switch Problems
- Debug/Syslog Operation
- Debug/Syslog Messaging
- Debug/Syslog Destination Devices
- Debug/Syslog Configuration Commands
- Configuring Debug/Syslog Operation
- Debug Command
- Logging Command
- Adding a Description for a Syslog Server
- Adding a Priority Description
- Configuring the Severity Level for Event Log Messages Sent to a Syslog Server
- Operating Notes for Debug and Syslog
- Diagnostic Tools
- Viewing Switch Configuration and Operation
- Restoring the Factory-Default Configuration
- Restoring a Flash Image
- DNS Resolver
- D.MAC Address Management
- E.Daylight Savings Time on ProCurve Switches
- F.Power-Saving Features
- Index
- Notices & Publication Data
File Transfers
Downloading Switch Software
Using Secure Copy and SFTP
For some situations you may want to use a secure method to issue commands
or copy files to the switch. By opening a secure, encrypted SSH session you
can then use a third-party software application to take advantage of Secure
Copy (SCP) and Secure ftp (SFTP). SCP and SFTP provide a secure alternative
to TFTP for transferring information that may be sensitive (like switch con-
figuration files) to and from the switch. Essentially you are creating a secure
SSH tunnel as a way to transfer files with SFTP and SCP channels.
To use these commands you must install on the administrator workstation a
third-party application software client that supports the SFTP and/or SCP
functions. Some examples of software that supports SFTP and SCP are
PuTTY, Open SSH, WinSCP, and SSH Secure Shell. Most of these are freeware
and may be downloaded without cost or licensing from the internet. There are
differences in the way these clients work, so be sure you also download the
documentation.
As described earlier in this chapter you can use a TFTP client on the admin-
istrator workstation to update software images. This is a plain text mechanism
and it connects to a standalone TFTP server or another ProCurve switch
acting as a TFTP server to obtain the software image file(s). Using SCP and
SFTP allows you to maintain your switches with greater security. You can also
roll out new software images with automated scripts that make it easier to
upgrade multiple switches simultaneously and securely.
SFTP (secure file transfer protocol) is unrelated to FTP, although there are
some functional similarities. Once you set up an SFTP session through an SSH
tunnel, some of the commands are the same as FTP commands. Certain
commands are not allowed by the SFTP server on the switch, such as those
that create files or folders. If you try to issue commands such as create or
remove using SFTP the switch server returns an error message.
You can use SFTP just as you would TFTP to transfer files to and from the
switch, but with SFTP your file transfers are encrypted and require authenti-
cation, so they are more secure than they would be using TFTP. SFTP works
only with SSH version 2 (SSH v2).
Note SFTP over SSH version 1 (SSH v1) is not supported. A request from either the
client or the switch (or both) using SSH v1 generates an error message. The
actual text of the error message differs, depending on the client software in
use. Some examples are:
Protocol major versions differ: 2 vs. 1
Connection closed
A-9