ExtremeSwitching (EXOS)

  • 1.  ssh and telnet access

    Posted 05-08-2017 13:01
    Hi Guys

    I am trying to setup telnet and ssh access on my extreme swicthes i ahve already tried the suggested solutions but they do not seem to help

    here is my configuration

    X440G2-48p-10G4.1 # sh configuration
    #
    # Module devmgr configuration.
    #
    configure snmp sysContact "support@extremenetworks.com, +1 888 257 3000"
    configure sys-recovery-level switch reset

    #
    # Module vlan configuration.
    #
    configure vlan default delete ports all
    configure vr VR-Default delete ports 1-52
    configure vr VR-Default add ports 1-52
    configure vlan default delete ports 1-52
    create vlan "ACCESS_CONTROL"
    configure vlan ACCESS_CONTROL description "ACCESS_CONTROL"
    configure vlan ACCESS_CONTROL tag 122
    create vlan "LAN-GUEST"
    configure vlan LAN-GUEST tag 103
    create vlan "LAN-LIVEDMZ"
    configure vlan LAN-LIVEDMZ tag 100
    create vlan "LAN-MANAGEMENT"
    configure vlan LAN-MANAGEMENT tag 900
    create vlan "LAN-MANAGEMENT-901"
    configure vlan LAN-MANAGEMENT-901 tag 901
    create vlan "LAN-SERVERS"
    configure vlan LAN-SERVERS description "LAN-SERVERS VLAN"
    configure vlan LAN-SERVERS tag 106
    create vlan "LAN-WIRELESSAPS"
    configure vlan LAN-WIRELESSAPS tag 108
    create vlan "LAN-WIRELESSMOBILE"
    configure vlan LAN-WIRELESSMOBILE tag 112
    create vlan "LAN-WIRELESSPCS"
    configure vlan LAN-WIRELESSPCS tag 109
    create vlan "LAN-WORKSTATIONS"
    configure vlan LAN-WORKSTATIONS description "WORKSTATIONS"
    configure vlan LAN-WORKSTATIONS tag 105
    create vlan "VOIP"
    configure vlan VOIP description "Telephone VLAN"
    configure vlan VOIP tag 104
    create vlan "WIFI_AP"
    configure vlan WIFI_AP tag 20
    configure vlan LAN-MANAGEMENT-901 add ports 51 tagged
    configure vlan LAN-SERVERS add ports 51 tagged
    configure vlan LAN-SERVERS add ports 40 untagged
    configure vlan LAN-WORKSTATIONS add ports 51 tagged
    configure vlan LAN-WORKSTATIONS add ports 1-39,41-48 untagged
    configure vlan VOIP add ports 1-39,41-52 tagged
    configure vlan LAN-MANAGEMENT-901 ipaddress 10.248.111.15 255.255.255.0
    enable ipforwarding vlan LAN-MANAGEMENT-901

    #
    # Module mcmgr configuration.
    #

    #
    # Module fdb configuration.
    #

    #
    # Module rtmgr configuration.
    #

    #
    # Module policy configuration.
    #

    #
    # Module aaa configuration.
    #

    #
    # Module acl configuration.
    #

    #
    # Module bfd configuration.
    #

    #
    # Module cfgmgr configuration.
    #

    #
    # Module dosprotect configuration.
    #

    #
    # Module dot1ag configuration.
    #

    #
    # Module eaps configuration.
    #

    #
    # Module edp configuration.
    #

    #
    # Module elrp configuration.
    #

    #
    # Module ems configuration.
    #

    #
    # Module epm configuration.
    #

    #
    # Module erps configuration.
    #

    #
    # Module esrp configuration.
    #

    #
    # Module ethoam configuration.
    #

    #
    # Module etmon configuration.
    #

    #
    # Module exsshd configuration.
    #
    enable ssh2

    #
    # Module hal configuration.
    #

    #
    # Module idMgr configuration.
    #

    #
    # Module ipSecurity configuration.
    #

    #
    # Module ipfix configuration.
    #

    #
    # Module lldp configuration.
    #

    #
    # Module mrp configuration.
    #

    #
    # Module msdp configuration.
    #

    #
    # Module netLogin configuration.
    #

    #
    # Module netTools configuration.
    #

    #
    # Module ntp configuration.
    #

    #
    # Module poe configuration.
    #

    #
    # Module rip configuration.
    #

    #
    # Module r.png configuration.
    #

    #
    # Module snmpMaster configuration.
    #
    disable snmp access

    #
    # Module stp configuration.
    #

    #
    # Module techSupport configuration.
    #
    enable tech-support collector

    #
    # Module telnetd configuration.
    #

    #
    # Module tftpd configuration.
    #

    #
    # Module thttpd configuration.
    #

    #
    # Module twamp configuration.
    #

    #
    # Module vmt configuration.
    #

    #
    # Module vsm configuration.
    #
    X440G2-48p-10G4.2 # sh management
    CLI idle timeout : Enabled (20 minutes)
    CLI max number of login attempts : 3
    CLI max number of sessions : 8
    CLI paging : Enabled (this session only)
    CLI space-completion : Disabled (this session only)
    CLI configuration logging : Disabled
    CLI password prompting only : Disabled
    CLI RADIUS cmd authorize tokens : 2
    CLI scripting : Disabled (this session only)
    CLI scripting error mode : Ignore-Error (this session only)
    CLI persistent mode : Persistent (this session only)
    CLI prompting : Enabled (this session only)
    CLI screen size : 24 Lines 80 Columns (this session only)
    CLI refresh : Enabled
    Telnet access : Enabled (tcp port 23 vr all)
    : Access Profile : not set
    SSH access : Enabled (Key valid, tcp port 22 vr all)
    : Secure-Mode : Off
    : Access Profile : not set
    SSH2 idle time : 60 minutes
    Web access : Enabled (tcp port 80)
    : Access Profile : not set
    Total Read Only Communities : 1
    Total Read Write Communities : 1
    RMON : Disabled
    SNMP access : Disabled
    : Access Profile : not set
    SNMP Compatibility Options :
    GETBULK Reply Too Big Action : Too Big Error
    IP Fragmentation : Disallow
    SNMP Notifications : Enabled
    SNMP Notification Receivers : None
    SNMP stats: InPkts 0 OutPkts 0 Errors 0 AuthErrors 0
    Gets 0 GetNexts 0 Sets 0 Drops 0
    SNMP traps: Sent 0 AuthTraps Enabled
    SNMP inform: Sent 0 Retries 0 Failed 0

    Thank you in advance



  • 2.  RE: ssh and telnet access

    Posted 05-08-2017 13:23
    Hello Lutha,

    Can you ping the switch IP? If not it looks you need you need a default route for the switch.


  • 3.  RE: ssh and telnet access

    Posted 05-08-2017 13:25
    Are you able to ping the switch? Telnet and SSH both look to be setup correctly.

    The one thing that stands out to me is that there is no default route on the switch. Are you trying to reach the switch from within the 10.248.111.0/24 subnet? If not, you will need a default gateway on the switch, so it can get back to you.


  • 4.  RE: ssh and telnet access

    Posted 05-08-2017 13:50
    the commands " show iparp " "show fdb"

    might also help. this will show you if you have any ARP infos in the vlan you expect the IP communication. Also check if you not have an duplicate IP setup. that might cause the same results.

    an default route looks like that:
    configure iproute add default 10.248.111.254

    regards
    -


  • 5.  RE: ssh and telnet access

    Posted 05-10-2017 11:23
    Hi Guys thanks for the solutions i discovered that the switch is daisy chained to another switch as well as there isnt a default route... i will discuss this with my team so we can properly manage the switch thanks again