Neuer Switch der Firma Nortel/Alatel als Ersatz-Switch im Keller

Generell

  • PoE auf allen Ports aktiv (autodetect = Auch nicht PoE kann angeschlossen werden)
  • Firmware-Update macht Probleme (Alte Firmware auf dem Gerät)
  • SSH + Web aktiviert
  • Benutzername: rw (ro für nur lesend), Passwort haben Matthias Walther und Sebastian Danek
  • Passwort setzen: cli password read-only; cli password read-write; cli password serial local; cli password telnet local; save config

  • SSH: ssh -v -oPubkeyAcceptedKeyTypes=+ssh-dss -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostKeyAlgorithms=+ssh-dss RW@192.168.201.1

  • Den privaten SSH-Schlüssel gibt es bei MPW

VLan

IDBezeichnung
100Management
401201_D16_Client (Standort 201)
501201_D16_Mesh (Standort 201)
601RF_BEZHAW
602RF_BEZGEI


Config-File

enable
configure terminal
telnet-access logging all
cli password switch serial local
cli password switch telnet local
ip default-gateway 192.168.1.1
ip address switch 192.168.201.1
ip address netmask 255.255.0.0
ssh
ssl
spanning-tree port-mode auto
vlan create 100,400,401,500,501,601,602 type port 1
vlan name 100 "Management"
vlan name 400 "201_D06_Client"
vlan name 401 "201_D16_Client"
vlan name 500 "201_D06_Mesh"
vlan name 501 "201_D16_Mesh"
vlan name 601 "RF_BEZHAW"
vlan name 602 "RF_BEZGEI"

#--------------------
vlan ports 1-6 tagging tagAll filter-untagged-frame enable
vlan ports 7-20 tagging unTagPvidOnly
vlan ports 21-24 tagging tagAll filter-untagged-frame enable


#1		Alle 		ServerLanPort1(eth0)	pvid 100
#2		Alle 		ServerLanPort1(eth0)	pvid 100
#3		100+401+501	unterenDach-Ebene		filteruntagged
#4  	100+401+501	unterenDach-Ebene		filteruntagged
#5		100+601+602	oberenDach-Ebene		filteruntagged
#6  	100+601+602	oberenDach-Ebene		filteruntagged
#7		100			Management				pvid 100
#8		100			Management				pvid 100
#9-12	501			Meshnetz				pvid 501
#13-14	400			Test-Clientnetz			pvid 400
#15-16	500			Test-Meshnetz			pvid 500
#17-20	401			Clientnetz				Pvid 401
#21-24	Alle		Downlink				filteruntagged


vlan configcontrol flexible
vlan members 1 NONE
vlan members 100 1-8,21-24
vlan members 400 1-2,13-14
vlan members 401 1-4,17-24
vlan members 500 1-2,15-16
vlan members 501 1-4,9-12,21-24
vlan members 601 1-2,5-6,21-24
vlan members 602 1-2,5-6,21-24

vlan ports 7-8 pvid 100
vlan ports 9-12 pvid 501
vlan ports 13-14 pvid 400
vlan ports 15-16 pvid 500
vlan ports 17-20 pvid 401

vlan mgmt 100
telnet-access disable
web-server disable

save config
exit
  • Keine Stichwörter