メイン コンテンツに進む
  • すばやく簡単にご注文が可能
  • 注文内容の表示、配送状況をトラック
  • 会員限定の特典や割引のご利用
  • 製品リストの作成とアクセスが可能

How to Set Up Management Access for Dell Networking N1500, N2000, N3000, and N4000 Series Switches

概要: This article explains how to set up different management options for the N series switches running OS6 and explains the recommended settings.

この記事は次に適用されます: この記事は次には適用されません: この記事は、特定の製品に関連付けられていません。 すべての製品パージョンがこの記事に記載されているわけではありません。

手順

Index

Setting a management IP address

A reachable IP address is necessary to manage the switch when not using a serial connection. To set an IP address, input the following commands. This example uses VLAN 1, the default VLAN, and the IP 192.168.0.250 /24.

console> enable
console# configure
console(config)# interface vlan 1
console(config-if)#ip address 192.168.0.250 255.255.255.0

Note: On the N2200, N3000, N3200, and N4000 switch there is an out of band (OOB) interface that can be used for managing the switch.

Here is the same example as above but using the OOB interface:
console(config)# interface out-of-band
console(config-if)# ip address 192.168.0.250 255.255.255.0

It is recommended to use the OOB interface to manage your switch when available. The OOB interface is separate from the switching silicon, and reaches the CPU directly. If the production network is experiencing issues, you can still reach the switch through the OOB interface.


Note: Plug the OOB interface into a separate management network, and do not plug it back into the inbound ports on the switch.


It is recommended when using a VLAN to manage your network, to make a separate VLAN exclusively for management. This separates management traffic from your data traffic. This not only helps with performance, but also slightly increases security. You can manage the switch through any reachable VLAN IP address.

If managing the switch from an external network, you must assign the switch a Default Gateway it can use to reach other networks. The following command uses 192.168.0.1 as the Default Gateway address.

console(config)# ip default-gateway 192.168.0.1


Setting login access on the switch

To manage the switch, a username and password are required. To manage the switch using telnet or SSH, it is best practice to have an enable password. Input the following commands to configure login access. This is an example with the username as Dell, and password as MYPASSWORD. The enable password example uses ENP@$$w0rd. These are just examples, and passwords should adhere to your organization's applicable security policy.

console> enable
console# configure
console(config)# username Dell password MYPASSWORD privilege 15
console(config)# enable password ENP@$$w0rd

Note: You may make multiple users on the switch with different levels of access. 0 is no access, 1 is read-only, and 15 is read and write.


Choosing Telnet, HTTP, SSH, or HTTPS for management

The default allowed protocols for management are Telnet and HTTP. Telnet and SSH provide command-line based management through a tool such as PuTTY. HTTP and HTTPS provide a UI-based management through a web browser. It is possible to run all four, or none of the protocols. With all the previous options disabled, there is still the option of serial console.

For security, it is recommended to disable Telnet and HTTP, and enable SSH and HTTPS. Telnet and HTTP transfer packets over plain text, meaning if a person is capturing traffic, they can read all commands of functions pushed through the switch when managing it. SSH and HTTPS encrypt the traffic, which strengthens the packet security.

To enable SSH and HTTPS, input the following commands. SSH and HTTPS require the generation of a DSA and an RSA key. HTTPS requires the creation of a certificate.

console(config)# crypto key generate dsa
console(config)# crypto key generate rsa
console(config)# ip ssh server
console(config)# crypto certificate 1 generate
console(config-crypto-cert)# key-generate
console(config-crypto-cert)# exit
console(config)# ip http secure-server

To disable Telnet and HTTP input the following commands:

console(config)# ip telnet server disable
console(config)# no ip http server

Warning: It is required to run these settings while already managing the switch through HTTPS, SSH, or serial connection as disabling these services disconnect any open sessions to the switch.


Saving configuration

When satisfied with the configuration, it must be saved so that if the switch reboots, and the configuration is persistent. Input the following command to save your configuration:

console# write memory

This operation may take a few minutes.
Management interfaces will not be available during this time.
Are you sure you want to save? (y/n) y

Note: For more details on configuring specific management options, see the User Configuration and CLI Reference Guides for your model and firmware version at Dell Support.

対象製品

N Series, PowerSwitch N1100-ON Series, PowerSwitch N1500 Series, PowerSwitch N2000 Series, PowerSwitch N2100 Series, PowerSwitch N2200-ON Series, PowerSwitch N3000 Series, Dell EMC PowerSwitch N3000E-ON Series, Dell EMC PowerSwitch N3100 Series , Dell EMC Networking N3200-ON ...

製品

PowerSwitch N3000 Series
文書のプロパティ
文書番号: 000120183
文書の種類: How To
最終更新: 13 3月 2024
バージョン:  8
質問に対する他のDellユーザーからの回答を見つける
サポート サービス
お使いのデバイスがサポート サービスの対象かどうかを確認してください。