...
- PoE auf allen Ports aktiv (autodetect = Auch nicht PoE kann angeschlossen werden)
- Firmware-Update macht Probleme (Alte Firmware auf dem Gerät)
- SSH + Web aktiviert
- Benutzername: rw (ro für nur lesend), Passwort haben Matthias Walther und Sebastian Danek
- Passwort setzen: cli password read-only; cli password read-write; cli password serial local; cli password telnet local; save config
SSH: ssh -v -oPubkeyAcceptedKeyTypes=+ssh-dss -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostKeyAlgorithms=+ssh-dss RW@192.168.201.1
- Den privaten SSH-Schlüssel gibt es bei MPW
VLan
ID | Bezeichnung | Ports |
---|---|---|
100 | Management1, 2, 3, 5, 23, 24 | |
401 | 201_D16_Client (Standort 201)1, 2 | |
501 | 201_D16_Mesh (Standort 201)1, 2, 4 | |
601 | RF_BEZHAW1, 3, 5 | |
602 | RF_BEZGEI1, 3, 5 |
Config-File
Codeblock |
---|
enable
configure terminal
telnet-access logging all
cli password switch serial local
cli password switch telnet local
ip default-gateway 192.168.1.1
ip address switch 192.168.201.1
ip address netmask 255.255.0.0
ssh
ssl
spanning-tree port-mode auto
vlan create 100,400,401,500,501,601,602 type port 1
vlan name 100 "Management"
vlan name 400 "201_D06_Client"
vlan name 401 "201_D16_Client"
vlan name 500 "201_D06_Mesh"
vlan name 501 "201_D16_Mesh"
vlan name 601 "RF_BEZHAW"
vlan name 602 "RF_BEZGEI"
#--------------------
vlan ports 1-6 tagging tagAll filter-untagged-frame enable
vlan ports 7-20 tagging unTagPvidOnly
vlan ports 21-24 tagging tagAll filter-untagged-frame enable
#1 Alle ServerLanPort1(eth0) pvid 100
#2 Alle ServerLanPort1(eth0) pvid 100
#3 100+401+501 unterenDach-Ebene filteruntagged
#4 100+401+501 unterenDach-Ebene filteruntagged
#5 100+601+602 oberenDach-Ebene filteruntagged
#6 100+601+602 oberenDach-Ebene filteruntagged
#7 100 Management pvid 100
#8 100 Management pvid 100
#9-12 501 Meshnetz pvid 501
#13-14 400 Test-Clientnetz pvid 400
#15-16 500 Test-Meshnetz pvid 500
#17-20 401 Clientnetz Pvid 401
#21-24 Alle Downlink filteruntagged
vlan configcontrol flexible
vlan members 1 NONE
vlan members 100 1-8,21-24
vlan members 400 1-2,13-14
vlan members 401 1-4,17-24
vlan members 500 1-2,15-16
vlan members 501 1-4,9-12,21-24
vlan members 601 1-2,5-6,21-24
vlan members 602 1-2,5-6,21-24
vlan ports 7-8 pvid 100
vlan ports 9-12 pvid 501
vlan ports 13-14 pvid 400
vlan ports 15-16 pvid 500
vlan ports 17-20 pvid 401
vlan mgmt 100
telnet-access disable
web-server disable
save config
exit |