# Switch HP Procurve

Testé sur Procurve 2650 et 2524 version H.10.119

# Connexion au Switch

Pour vous connecter au switch en port console, il vous faut un câble série DB9 femelle - femelle :

[![DB9-FF.png](http://wikidunn.ddns.net/uploads/images/gallery/2024-03/scaled-1680-/QbV3lC4aS80gyDl8-db9-ff.png)](http://wikidunn.ddns.net/uploads/images/gallery/2024-03/QbV3lC4aS80gyDl8-db9-ff.png)

- Bits : 9600
- Data bits : 8
- Parity : none
- Stop bits : 1
- Flow control : none

# Commandes de base

##### Sauvegarder la configuration

```
Procurve switch 2650# write memory
```

##### Afficher la configuration

```
Procurve switch 2650# show running-config
```

##### Passer en mode config

```
Procurve switch 2650# configure terminal
```

##### Redémarrer

```
Procurve switch 2650# reload
```

##### Renommer le switch

```
Procurve switch 2650# hostname <name>
```

##### Passerelle

```
Procurve switch 2650# ip default-gateway 192.168.1.1
```

# Mettre à jour le firmware

##### Etape 1 : Vérification de la version

```
Procurve switch 2650# show version
Image stamp:	/sw/code/build/fish
				Mar 31 2016 17:59:24
                H.10.119
                38
Boot Image:		Primary
Procurve switch 2650#
```

##### Etape 2 : Entrer dans le menu

```
Procurve switch 2650# menu
```

```
ProCurve Switch 2650                                        1-Jan-1990   0:16:54
==========================- CONSOLE - MANAGER MODE -============================
                                   Main Menu

   1. Status and Counters...
   2. Switch Configuration...
   3. Console Passwords...
   4. Event Log
   5. Command Line (CLI)
   6. Reboot Switch
   7. Download OS
   8. Run Setup
   9. Stacking...
   0. Logout


Provides the menu to display configuration, status, and counters.
To select menu item, press item number, or highlight item and press <Enter>.
```

Sélectionnez le menu n°7 : Download OS

##### Etape 3 : Configurer le mode TFTP

```
ProCurve Switch 2650                                        1-Jan-1990   0:18:18
==========================- CONSOLE - MANAGER MODE -============================
                                  Download OS

  Current Software revision : H.10.119

  Method [TFTP] : TFTP

  TFTP Server : 192.168.1.100
  Remote File Name : H.10.119

 Actions->   Cancel     Edit     eXecute     Help

Edit the fields displayed above.
Use arrow keys to change action selection and <Enter> to execute action.
```

Entrez l'adresse IP du serveur TFTP ainsi que le nom du ficher a uploader. Puis cliquez sur : eXecute

Une fois le processus terminer, redémarrez le switch.

# Supprimer la configuration

##### Supprimer la configuration

```
Procurve Switch 2650# erase startup-config
```

##### Supprimer la configuration avec le bouton RESET

Vous pouvez aussi supprimer la configuration en appuyant sur le bouton RESET sur la façade du switch

# Supprimer le mot de passe admin

Pour supprimer le mot de passe admin du switch, il faut appuyer sur le bouton CLEAR situé sur la façade du switch. Celui-ci effacera uniquement le mot de passe admin.

# Configuration des VLAN

<p class="callout info">Virtual Local Area Network</p>

##### Augmenter le nombre max de vlan

```
Procurve switch 2650(config)# max-vlan 100
Command will take effect after saving configuration and reboot
```

<p class="callout warning">Par défaut, le nombre max de vlan est de 8</p>

##### Création d'un VLAN

```
Procurve switch 2650(config)# vlan 100 name voix
Procurve switch 2650(config)# vlan 101 name data
Procurve switch 2650(config)# vlan 102 name wifi
```

##### Suppression d'un VLAN

```
Procurve switch 2650(config)# no vlan 102
```

##### Ajouter un port non taggué à un VLAN

```
Procurve switch 2650(config)# vlan 100
Procurve switch 2650(vlan-100)# untagged ethernet 1
Procurve switch 2650(vlan-100)# untagged ethernet 10-12
```

##### Ajouter un port taggué à un VLAN

```
Procurve switch 2650(config)# vlan 101
Procurve switch 2650(vlan-101)# tagged ethernet 2
Procurve switch 2650(vlan-101)# tagged ethernet 20-22
```

##### Assigner une adresse IP à un VLAN

```
Procurve switch 2650(config)# vlan 1
Procurve switch 2650(vlan-1)# ip address 192.168.1.100 255.255.255.0
```

##### Configurer un port en mode mixte

```
Procurve switch 2650(config)# vlan 100
Procurve switch 2650(vlan-100)# tagged ethernet 30
Procurve switch 2650(vlan-100)# exit
Procurve switch 2650(config)# vlan 101
Procurve switch 2650(vlan-101)# untagged ethernet 30
```

#### Configuration en mode Trunk

```
ProCurve Switch 2650(config)# vlan 100
ProCurve Switch 2650(vlan-100)# tagged ethernet 48
ProCurve Switch 2650(vlan-100)# exit
ProCurve Switch 2650(config)# vlan 101
ProCurve Switch 2650(vlan-101)# tagged ethernet 48
ProCurve Switch 2650(vlan-100)# exit
ProCurve Switch 2650(config)# vlan 102
ProCurve Switch 2650(vlan-101)# tagged ethernet 48
ProCurve Switch 2650(vlan-101)# exit
```

<p class="callout info">Tagger tous les VLAN sur le même port</p>

##### Vérification

```
Procurve switch 2650# show vlan

 Status and Counters - VLAN Information
 
  Maximum VLANs to support : 100
  Primary VLAN : DEFAULT_VLAN
  Management VLAN : 
  
  802.1Q VLAN ID	NAME			Status		Voice
  --------------    ----------  	----------  ------
  1					DEFAULT_VLAN	Port_based	No
  100				voix			Port_based	No
  101				data			Port_based	No
```

```
ProCurve Switch 2650# show vlan ports Ethernet 48

 Status and Counters - VLAN Information - for ports 48

  802.1Q VLAN ID Name         Status       Voice
  -------------- ------------ ------------ -----
  1              DEFAULT_VLAN Port-based   No
  100            data         Port-based   No
  101            voix         Port-based   No
```

# Configuration VLAN voix, LLDP et QOS

##### Configuration d'un VLAN voix

```
Procurve switch 2650(config)# vlan 100
Procurve switch 2650(vlan-100)# voice
```

```
ProCurve Switch 2650# sh vlan

 Status and Counters - VLAN Information

  Maximum VLANs to support : 8
  Primary VLAN : DEFAULT_VLAN
  Management VLAN :

  802.1Q VLAN ID Name         Status       Voice
  -------------- ------------ ------------ -----
  1              DEFAULT_VLAN Port-based   No
  100            voice        Port-based   Yes
  101            data         Port-based   No
```

##### Activation du LLDP

```
Procurve switch 2650(config)# lldp run
```

```
ProCurve Switch 2650(config)# no lldp run
```

##### Configuration de la QOS

```
ProCurve Switch 2650(config)# qos type-of-service diff-services
```

# Configuration de Telnet, SSH et WEB

##### Configuration de SSH

<p class="callout info">Secure Shell</p>

```
Procurve switch 2650(config)# crypto key generate ssh
Installating new RSA key. If the key/entropy cache is depleted, this could take up to a minute.
Procurve switch 2650(config)# ip ssh
Procurve switch 2650(config)# ip ssh timeout 120
Procurve switch 2650(config)# ip ssh version 2
Procurve switch 2650(config)# ip ssh port 22
```

Vérification

```
Procurve switch 2650(config)# show ip ssh

	SSH Enabled					: Yes
    SSH Version 				: 2
    TCP Port Number				: 22
    Timeout (sec)				: 120
    Server key Size (bits)		: 512
    Secure Copy Enabled			: No
```

##### Configuration de TELNET

<p class="callout info">Terminal Network</p>

```
Procurve switch 2650(config)# telnet-server
```

Vérification

```
Procurve switch 2650(config)# show telnet

 Telnet Activity
 
  Session	Privilege 	From			To
  -------   ---------   ---------       ----------
  **	1	Manager		Connsole
```

##### Configuration WEB

```
Procurve switch 2650(config)# web-management
```

en HTTPS :

```
Procurve switch 2650(config)# crypto key generate cert 512
Procurve switch 2650(config)# web-management ssl
```

<p class="callout warning">Plugins JAVA obligatoire pour l'utilisation du WebGUI </p>

# Configuration de l'agrégation de liens

##### LACP

```
switch1(config)# trunk 42-43 trk1 lacp
```

```
switch2(config)# trunk 42-43 trk1 lacp active
```

##### Statique

```
Procurve switch 2650(config)# trunk 1-2 trk1 trunk
```

# Configuration du NTP

<p class="callout info">NTP: Network Time Protocol</p>

##### Introduction

Pour effectuer une synchronisation NTP, il faut tout d'abord que le switch puisse aller sur internet

```
Procurve switch 2650# configure terminal
Procurve switch 2650(config)# vlan 1
Procurve switch 2650(vlan-1)# ip address 192.168.1.100 255.255.255.0
Procurve switch 2650(vlan-1)# exit
Procurve switch 2650(config)# ip default-gateway 192.168.1.1
Procurve switch 2650(config)# 
```

##### Configuration du SNTP

```
Procurve switch 2650(config)# timesync sntp
Procurve switch 2650(config)# sntp server 194.2.0.28
Procurve switch 2650(config)# sntp unicast
```

##### Vérification

```
Procurve switch 2650# show sntp

SNTP Configuration

	Time Sync Mode: sntp
    SNTP Mode: unicast
    Poll Interval (sec) [720] : 720
    
    IP Address			Protocol Version
    -------------		----------------
    194.2.0.28			3

Procurve switch 2650# show time
Sun Dec 12 10:29:05 2021
```

##### Configuration du NTP

```
Procurve switch 2650(config)# ip timep manual 194.2.0.58
Procurve switch 2650(config)# timesync timep
```

##### Vérification

```
Procurve switch 2650# show timep

 Timep Configuration
 	
    Time Sync Mode: Timep
    TimeP Mode [Disabled] : Manual		Server Address : 194.2.0.58
    Poll Interval (min) [720] : 720

Procurve switch 2650# show time
Sun Dec 12 10:37:16 2021
```

##### Configuration statique

```
ProCurve Switch 2650(config)# time 09:56
Mon Jan  1 09:56:36 1990
ProCurve Switch 2650(config)# time 05/14/2022
Sat May 14 09:56:50 2022
```

# Configuration de Syslog

<p class="callout info">Transmission de journaux</p>

##### Configuration de Syslog

```
Procurve switch 2650(config)# logging facility syslog
Procurve switch 2650(config)# logging 192.168.1.200
```

##### Vérification

```
Procurve switch 2650# show logging
```

# Configuration des ports

##### Introduction

Nous allons voir comment configurer les ports du switch

##### Vitesse

```
Procurve switch 2650(config)# interface ethernet 40
Procurve switch 2650(eth-40)# speed-duplex 100-full
Procurve switch 2650(eth-40)# speed-duplex 100-half
```

##### Description

```
Procurve switch 2650(eth-40)# name "To switch"
```

##### POE

```
Procurve switch 2650(eth-40)# power-overethernet
Procurve switch 2650(eht-40)# no power-overethernet
```

##### Activation et désactivation

```
Procurve switch 2650(eth-1)# enable
Procurve switch 2650(eth-1)# disable
```

# Configuration de Port-security

##### Configuration de port-security

```
ProCurve Switch 2650(config)# port-security ethernet 48 learn-mode
 continuous            Continuous MAC address learn mode.
 static                Static MAC address learn mode.
 configured            Static MAC address configured mode.
 port-access           Learn port-access authorized MAC address only.
 limited-continuous    Limited continuous MAC address learn mode.
```

##### Limite d'adresse MAC

```
ProCurve Switch 2650(config)# port-security ethernet 48 address-limit <NB Adresses MAX>
```

##### Alarme

```
ProCurve Switch 2650(config)# port-security ethernet 48 action
 none
 send-alarm
 send-disable
```

##### Fixer une adresse MAC

```
ProCurve Switch 2650(config)# port-security ethernet 48 mac-address 00:00:00:00:00:01
```

##### Expiration de l'adresse MAC avant nouvelle apprentissage

```
ProCurve Switch 2650(config)# mac-age-time 60 
```

##### Vérification

```
ProCurve Switch 2650(config)# show port-security ethernet 48

 Port Security

  Port : 48
  Learn Mode [Continuous] : Continuous
  Action [None] : None
```

# Configuration du STP

##### Activation

```
ProCurve Switch 2650(config)# spanning-tree
The best practice recommendation by HP Networking is
to enable MSTP or MSTP in forced RSTP operation.
```

##### Mode RSTP

```
ProCurve Switch 2650(config)# spanning-tree force-version rstp-operation
```

Pour forcer le switch en Root Bridge

```
ProCurve Switch 2650(config)# spanning-tree priority 0
```

##### Admin Edge

C'est l'équivalent du port-fast de Cisco

```
ProCurve Switch 2650(config)# spanning-tree ethernet 1 admin-edge-port
```

##### Vérification

```
ProCurve Switch 2650(config)# show spanning-tree

 Rapid Spanning Tree (RSTP) Information

  STP Enabled : Yes
  Force Version : RSTP-operation

  Switch Priority : 0                   Hello Time : 2
  Max Age : 20                          Forward Delay : 15

  Topology Change Count : 0
  Time Since Last Change : 103 mins

  Root MAC Address : 001560-190f00
  Root Path Cost : 0
  Root Port : This switch is root
  Root Priority : 0
```

# Configuration du DHCP

##### DHCP Relay

```
ProCurve Switch 2650(config)# vlan 101
ProCurve Switch 2650(vlan-101)# ip helper-address 192.168.1.199
```

Avec option 82

```
ProCurve Switch 2650(config)# dhcp-relay option 82
 append                Specifies that the option 82 field should be appended to
                       client DHCP packet.
 drop                  Specifies that the DHCP packet will be dropped
                       unconditionally, if option 82 field(s) already exists in
                       the client DHCP packet.
 keep                  Specifies that no option 82 field will be added or
                       replaced, if option 82 field(s) already exists in the
                       client DHCP packet.
 replace               Specifies that any existing option 82 fields will be
                       replaced with switch option 82 field for client DHCP
                       packet.
 validate              Specifies the validation for server response.
```

##### DHCP Snooping

Activation

```
ProCurve Switch 2650(config)# dhcp-snooping
```

Autoriser un serveur DHCP

```
ProCurve Switch 2650(config)# dhcp-snooping authorized-server 192.168.1.200
```

Activation sur un vlan

```
ProCurve Switch 2650(config)# dhcp-snooping vlan 200
```

##### Vérification

```
ProCurve Switch 2650# show dhcp-snooping
ProCurve Switch 2650# show dhcp-snooping stats
```

# Configuration de la bannière

##### Configuration

```
ProCurve Switch 2650(config)# banner motd #
Enter TEXT message.  End with the character'#'
 authorized only #
ProCurve Switch 2650(config)#
```

# Configuration du 802.1X

##### Configuration du RADIUS

```
ProCurve Switch 2650(config)# radius-server host 192.168.1.50
ProCurve Switch 2650(config)# aaa authentication port-access eap-radius
```

##### Activation sur des ports

```
ProCurve Switch 2650(config)# aaa port-access authenticator 15
LACP has been disabled on 802.1x port(s).
```

##### Bascule de VLAN en cas d'échec d'authentification

```
ProCurve Switch 2650(config)# aaa port-access authenticator 15 unauth-vid 200
ProCurve Switch 2650(config)# aaa port-access authenticator 15 client-limit 5
```

##### Activation

```
ProCurve Switch 2650(config)# aaa port-access authenticator active
```

##### Vérification

```
ProCurve Switch 2650(config)# show port-access authenticator

 Port Access Authenticator Status

  Port-access authenticator activated [No] : Yes
  Allow RADIUS-assigned dynamic (GVRP) VLANs [No] : No

              Current  Current     Cntrl
  Port Status VLAN ID  Port COS    Dir
  ---- ------ -------- ----------- -----
  15   Closed 1        No-override both
```

# Configuration du SNMP

#### SNMP v1 et v2

##### Activation

```
ProCurve Switch 2650(config)# snmp-server enable
```

```
ProCurve Switch 2650(config)# no snmp-server enable
```

##### Configuration de la communauté

```
ProCurve Switch 2650(config)# snmp-server community public
```

##### Informations

```
ProCurve Switch 2650(config)# snmp-server location BAIE1
ProCurve Switch 2650(config)# snmp-server contact Admin
```

##### Autorisation

```
ProCurve Switch 2650(config)# ip authorized-managers 192.168.1.1 255.255.255.0 access operator
```

##### Serveur SNMP

```
ProCurve Switch 2650(config)# snmp-server host 192.168.1.200
```

##### Vérification

```
ProCurve Switch 2650# show snmp-server

 SNMP Communities

  Community Name   MIB View Write Access
  ---------------- -------- ------------
  public           Manager  Unrestricted
  test             Operator Restricted

 Trap Receivers

  Link-Change Traps Enabled on Ports [All] : All

  Send Authentication Traps [No] : No

  Address               Community       Events Sent Notify Type Retry Timeout
  --------------------- --------------- ----------- ----------- ----- -------


 Excluded MIBs


 Snmp Response Pdu Source-IP Information

  Selection Policy   : Default rfc1517

 Trap Pdu Source-IP Information

  Selection Policy   : Default rfc1517
```

#### SNMP v3

##### Activation

```
ProCurve Switch 2650(config)# snmpv3 enable
SNMPv3 Initialization process.
Creating user 'initial'
Authentication Protocol: MD5
Enter authentication password: ********
Privacy protocol is DES
Enter privacy password: ********

User 'initial' is created
Would you like to create a user that uses SHA? y
Enter user name: dunn
Authentication Protocol: SHA
Enter authentication password: ********
Privacy protocol is DES
Enter privacy password: ********

User creation is done.  SNMPv3 is now functional.
Would you like to restrict SNMPv1 and SNMPv2c messages to have read only
access (you can set this later by the command 'snmp restrict-access'): y
ProCurve Switch 2650(config)#
```

##### Configuration

```
ProCurve Switch 2650(config)# snmpv3 user <user> auth sha <MDP> priv aes <MDP>
ProCurve Switch 2650(config)# snmpv3 group <groupe> user <user> sec-model ver3
```

##### Vérification

```
ProCurve Switch 2650# show snmpv3 enable
ProCurve Switch 2650# show snmpv3 user
ProCurve Switch 2650# show snmpv3 group
```

# Importer et Exporter la configuration via TFTP

##### Exporter la configuration vers un serveur TFTP

```
ProCurve Switch 2650# copy startup-config tftp 192.168.1.200 config.txt
```

##### Importer la configuration depuis un serveur TFTP

```
ProCurve Switch 2650# copy tftp startup-config 192.168.1.200 config.txt
Device may be rebooted, do you want to continue [y/n]?  y
```

# Gestion de la table ARP

##### Voir la table ARP

```
ProCurve Switch 2650# show arp

 IP ARP table

  IP Address      MAC Address       Type    Port
  --------------- ----------------- ------- ----
  192.168.1.10    00:00:00:00:00:01 ARPA	e1
```

##### Vider la table ARP

```
ProCurve Switch 2650# clear arp
```