Omitir para ir al contenido principal
  • Hacer pedidos rápida y fácilmente
  • Ver pedidos y realizar seguimiento al estado del envío
  • Cree y acceda a una lista de sus productos

Enable HTTPS/SSH and disable HTTP/Telnet for switch management on PowerConnect 8000 and 8100 series switches.

Resumen: This article provides the steps necessary to restrict management access using HTTPS and SSH.

Este artículo se aplica a Este artículo no se aplica a Este artículo no está vinculado a ningún producto específico. No se identifican todas las versiones del producto en este artículo.

Instrucciones

This procedure assumes:

The switch is already configured with an IP address and is reachable within the network.

There is an account created with Privilege Level 15.  To verify this, use the command: console#show users accounts

Caution:
The 8000 and 8100 series requires a Privileged Exec (Enable) mode password for telnet/SSH management. Failure to set this password will result in severely limited CLI management ability with SSH.  ***Add link to setting enable password via web and CLI
This process requires use of the Command Line Interface (CLI). This process can be utilized through a serial or telnet session. However if telnet is used, these steps must be followed in order to prevent unintentionally blocking access to remote management.
Before disabling either telnet or HTTP access, verify SSH or HTTPS access.
 
Note: After completing these steps, you can expect to receive errors about certificate authenticity. This is due to the certificates and keys being self-generated. This is not an error.

 

Note: If SSH or HTTPS is enabled and the disabling of telnet and HTTP is desired, skip to step 3 to disable telnet and step 5 to disable HTTP.
This system is capable of the generation and storage of 2 certificates. To generate the second key, replace the number 1 with 2. To activate the second key, use (config)# ip http secure-certificate 2.
 
  1. Connect to the switch via CLI
  2. To enable SSH, enter the following commands:
    1. console>enable
    2. console#config
    3. console(config)#crypto key generate rsa
    4. console(config)#ip ssh server
  3. To disable telnet, enter:  console(config)# ip telnet server disable
  4. To enable HTTPS, enter the following commands"
    1. console(config)# crypto certificate 1 generate
    2. console(config-crypto-cert)#key-generate <512-2048>
    3. console(config-crypto-cert)#exit
    4. console(config)# ip http secure-server
  5. To disable HTTP, enter:  console(config)# no ip http server
  6. After verifying connectivity via SSH or HTTPS, save the configuration by entering:  console#copy running-config startup-config

 

Productos afectados

PowerConnect 8024, PowerConnect 8024F, PowerConnect 8100 Series
Propiedades del artículo
Número del artículo: 000120235
Tipo de artículo: How To
Última modificación: 21 feb 2021
Versión:  5
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.