ICX
Ruckus / Brocade Switches
See Ruckus
Connect
Connect on Linux
# apt install tio tio -b 9600 /dev/ttyS0 tio -b 9600 /dev/ttyUSB0
# apt install minicom minicom -b 9600 -D /dev/ttyS0 minicom -b 9600 -D /dev/ttyUSB0
Connect on Windows
Use Tera Term or Putty and connect to COMX with Baud 9600
CLI
Show Config
sh run
All but "show config" will need "enable"
>enable
Interfaces
Show Interfaces
sh int bri
Show specific port:
show int eth 1/1/1
Show management port:
sh int bri | begin mgmt
IP
Show IP:
show ip
License
Show licenses:
sh license
Logs
Show logs:
sh log
Clear logs:
clear log
Sample:
Syslog logging: enabled ( 0 messages dropped, 1 flushes, 0 overruns) Buffer logging: level ACDMEINW, 0 messages logged level code: A=alert C=critical D=debugging M=emergency E=error I=informational N=notification W=warning Dynamic Log Buffer (50 lines): Jan 1 12:19:30:I:Security: SSH login by myuser from src IP 10.10.10.10 from src MAC xxxx.xxxx.xxxx to USER EXEC mode using RSA as Server Host Key. Jan 1 00:00:57:I:STP: VLAN 1 Port 1/1/30 STP State -> FORWARDING (FwdDlyExpiry) Jan 1 00:00:55:I:STP: VLAN 1 Port 1/1/48 STP State -> LEARNING (FwdDlyExpiry)
Pagination
>enable
to skip pagination:
skip # or skip-page-display Disable page display mode
to page:
page Enable page display mode
Ping
ping [IP]
POE
Enable POE:
conf t interface eth 1/1/1 inline power
Disable POE:
conf t interface eth 1/1/1 no inline power
Show Interface POE:
show inline power
Show Interface POE details: (and firmware version)
show inline power details
Limit POE on interface:
int ent ethernet 1/1/1 to 1/1/48 inline power inline power power-limit 25000
Reboot Switch
reload
SSH
Note, the ICX uses really old key exchange method 'diffie-hellman-group1-sha1'
debug1: kex: algorithm: diffie-hellman-group1-sha1 debug1: kex: host key algorithm: ssh-rsa debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha1 compression: none debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha1 compression: none
Enable SSH:
## Generate keys # Their offer: ssh-dss crypto key generate dsa # Their offer: ssh-rsa crypto key generate rsa # Add admin user: username admin pri 0 password [PASSWORD] # enable aaa authentication login default local
Disable SSH:
crypto key zeroize crypto key zeroize dsa
Version
Show switch version and model and serial:
show version sh ver
Example:
>sh ver ... UNIT 1: compiled on Mar 2 2012 at 12:38:17 labeled as ICX64S07400 (10360844 bytes) from Primary ICX64S07400.bin SW: Version 07.4.00T311 Boot-Monitor Image size = 512, Version:07.4.00T310 (kxz07400) HW: Stackable ICX6450-48-HPOE ========================================================================== UNIT 1: SL 1: ICX6450-48p POE 48-port Management Module Serial #: BZTXXXXXXXX License: BASE_SOFT_PACKAGE (LID: dbvHKIFjFox) ...
VLANs
Show VLANs:
show vlan
Config
Configure:
enable configure terminal # or conf t
Show Config:
show config sh run
Write Config:
write mem
Clear Config:
erase startup-config
DHCP Client
Management Interface DHCP Client
dhcp ip
ip dhcp-client enable ip dhcp-client auto-update enable no ip dhcp-client enable
Static IP
ip address 10.10.10.104/24 # or ip address 10.10.10.104 255.255.255.0
ip default-gateway 10.10.10.1 no ip dhcp-client auto-update enable no ip dhcp-client enable
Show IP:
show ip
Interface
sh int bri
Show specific port:
show int eth 1/1/1
Show management port:
sh int bri | begin mgmt
Disable Interface
int eth 1/1/48 disable enable
Spanning Tree
Disable Spanning Tree On specific port:
interface ethernet 1/1/1 loop-detection no spanning-tree !
VLAN
Show VLANs:
show vlan
Clear VLAN:
no vlan [#]
Hostname
hostname [name]
Users
Add Users:
username admin password [PASSWORD] no username admin
username myuser privilege [LEVEL] password [PASSWORD] # LEVEL: <0 READ-WRITE, 4 PORT-CONFIG, 5 READ-ONLY> User privilege level
Require Login:
aaa authentication web-server default local aaa authentication login default local
Configure seperate enable privilege passwords:
enable super-user-password [PASSWORD] enable port-config-password [PASSWORD] enable read-only-password [PASSWORD]
no enable super-user-password
Enter enable mode:
enable
Show who logged in as:
sh who
Privilege Levels
3 privileged levels:
- enable super-user-password [PASSWORD]] - Super-user level password
- enable port-config-password [PASSWORD]] - Port level configuration password
- enable read-only-password [PASSWORD]] - Read-only level password
- Super User level - Allows complete read-and-write access to the system. This is generally for system administrators and is the only management privilege level that allows you to configure passwords.
- Port Configuration level - Allows read-and-write access for specific ports but not for global (system-wide) parameters.
- Read-only level - Allows access to the Privileged EXEC mode and User EXEC mode of the CLI but only with read access.
Reset Password
As switch boots up, when you see the following, press 'b':
Enter 'b' to stop at boot monitor:
then type "no password":
no password
then type "boot" to continue booting:
boot # or boot_primary
Then either change password
enable conf t