Dell N1500 Security Configuration

2022-05-05


http://www.dell.com/Support/Article/us/en/19/HOW10832

Setting a management IP address

A reachable IP address is needed to manage the switch when not using a serial connection. IP addresses must be configured on VLAN interfaces. To set an IP address, enter the following commands. This example assigns 192.168.0.254 to VLAN 1.

console>enable
console#configure
console(config)#interface vlan 1
console(config-if)#ip address 192.168.0.254 /24

It is recommended to create a separate VLAN for management of all your network devices when possible. This separates management traffic from data traffic, which increases performance and can have the side effect of increased security.

If managing the switch from a separate network, the switch will need a default gateway, just like a workstation, so that management protocols such as Telnet or TFTP can reach other networks. The following command configures a default gateway.

console(config)#ip default-gateway 192.168.0.1

Setting user accounts and enable password

To manage the switch without a serial connection, you will need a username and password. Telnet and SSH will require an enable password. Use the following commands to set a user account and enable password. This example uses the username Dell with a password of P@$$w0rd. The enable password example is ENP@$$w0rd.

console>enable
console#configure
console(config)#username Dell password P@$$w0rd encrypted privilege 15
console(config)#enable password ENP@$$w0rd

Choosing Telnet, SSH, HTTP, or HTTPS for management

The default protocols are Telnet and HTTP. Telnet and SSH provide command-line management through a tool such as PuTTY or Tera Term. HTTP and HTTPS provide GUI-based management through a web browser such as Internet Explorer or Chrome. It is possible to run all four, or none of the protocols. If all are disabled, the only management on the switch is serial.

For security, it is recommended to enable SSH and HTTPS, and disable Telnet and HTTP. Telnet and HTTP transfer packets in plain text, meaning that anyone capturing packets can read all the commands, as well as the username and password of the switch, while it is being managed. SSH and HTTPS encrypt the packets, which strengthens security.

To enable SSH and HTTPS, enter the following commands.

console(config)#crypto key generate dsa
console(config)#crypto key generate rsa
console(config)#ip ssh server
console(config)#crypto certificate 1 generate
console(config-crypto-cert)#key-generate
console(config-crypto-cert)#exit
console(config)#ip http secure-server
console(config)#ip telnet server disable
console(config)#no ip http server

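One way to check a saved or pasted configuration against the recommendation above, as an added example that is not part of the original article or any Dell tooling. It starts from the defaults the article states and applies the article's commands in order; the inverse command forms marked "assumed", the function names and the sample session are assumptions made for illustration.

```python
import re

# Defaults as stated in the article: Telnet and HTTP on, SSH and HTTPS off.
DEFAULTS = {"telnet": True, "http": True, "ssh": False, "https": False}

# Command forms as typed in the article. The inverse forms marked
# "assumed" are not shown in the article.
TOGGLES = {
    "ip telnet server disable": ("telnet", False),
    "no ip telnet server disable": ("telnet", True),   # assumed
    "ip http server": ("http", True),                  # assumed
    "no ip http server": ("http", False),
    "ip ssh server": ("ssh", True),
    "no ip ssh server": ("ssh", False),                # assumed
    "ip http secure-server": ("https", True),
    "no ip http secure-server": ("https", False),      # assumed
}
PROMPT = re.compile(r"^console(\([^)]*\))?[>#]\s*")    # strip pasted CLI prompts

def protocol_state(config_text):
    """Apply each recognised line in order; the last one seen wins."""
    state = dict(DEFAULTS)
    for raw in config_text.splitlines():
        line = " ".join(PROMPT.sub("", raw.strip().lower()).split())
        if line in TOGGLES:
            proto, enabled = TOGGLES[line]
            state[proto] = enabled
    return state

def audit(config_text):
    """Findings against the article's advice: SSH/HTTPS on, Telnet/HTTP off."""
    state = protocol_state(config_text)
    findings = [f"{p} is enabled (plain text)" for p in ("telnet", "http") if state[p]]
    findings += [f"{p} is not enabled" for p in ("ssh", "https") if not state[p]]
    return findings

# Constructed sample: the article's session, pasted with prompts.
SESSION = """\
console(config)#ip ssh server
console(config)#crypto certificate 1 generate
console(config-crypto-cert)#key-generate
console(config-crypto-cert)#exit
console(config)#ip http secure-server
console(config)#ip telnet server disable
console(config)#no ip http server
"""

if __name__ == "__main__":
    print(audit(SESSION) or "management protocols match the recommendation")
```
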
Saving configuration

When satisfied with the configuration, you must save it. If the switch reboots, it will lose any configuration that has not been saved.

console#wr
This operation may take a few minutes.
Management interfaces will not be available during this time.
Are you sure you want to save? (y/n) y

Multicast suppression

interface vlan 10
ip address 10.180.1.8 255.255.255.0
exit
interface vlan 20
ip igmp snooping vlan 20
ip igmp snooping querier vlan 20
exit
interface vlan 30
exit
interface range gi1/0/1-24
switchport access vlan 10
exit
interface range gi1/0/25-40
switchport access vlan 20
exit
interface range gi1/0/41-48
switchport access vlan 30
exit

Posted on 2016-04-08 12:20 by 北京涛子

Reposted from: https://www.cnblogs.com/liujitao79/p/5367506.html

