Aruba S3500 Ethernet switches
Aruba S3500 Mobility Access switches are cool:
- Dual power supply
- Decent free firmware access
- Good POE support
- Reasonably quiet
- Stackable
- 2x 10Gbits/sec SFP+ ports available after stacking
- Generic fs.com DACs work splendidly
- Nifty profile-based configuration
- Takes Cisco pinout console cables
- 48 1000baseT ports (no robbing the modular connector ports to make the SFP ports go)
- Fully featured OS that doesn't require licensing of nifty features
- Dedicated management network interface located at rear of chassis.
Less than perfect, but totally livable things about these switches:
- It's not a whitebox switch. Must run factory firmware. (Maybe next time. Maybe...)
- Stacking is not super amaze balls fast between switches at 2x 10Gbits/sec, full duplex. That should not be a problem as the idea is more that this extends the 10 and 40 Gbits/sec network core out to 1000baseT land. So hopefully not a huge issue.
I got a brand new switch. How do get access?
https://community.arubanetworks.com/t5/Wireless-Access/Aruba-S3500-password-recovery/td-p/31922 says to do this on the console:
User:password Password:forgetme! (aruba) >enable Password:enable (aruba) #configure terminal Enter Configuration commands, one per line. End with CNTL/Z (aruba) (config) #mgmt-user admin root Password: TheNewAdminPassw0rd Re-Type password:TheNewAdminPassw0rd (aruba) (config) #exit (aruba) #exit (aruba) >exit User:admin Password:TheNewAdminPassw0rd (aruba) >enable Password:enable (aruba) #configure terminal Enter Configuration commands, one per line. End with CNTL/Z (aruba) (config) #enable secret Password:TheNewEnableSecr3t Re-Type password:TheNewEnableSecr3t (aruba) (config) #exit (aruba) #write memory (aruba) #
(It very correctly does not work over the network. Serial console port only. It's in the back.)
It is also possible to wipe the switch's config using the front panel menus.
Yay! I'm in. How do I wipe the config?
It's not hard, I promise.
User: admin Password: ******* (foo) >enable Password:****** (foo) #write erasecmp: /mswitch/commands/corvina.cfg: No such file or directory All the configuration will be deleted. Press 'y' to proceed :y Write Erase successful (foo) #
Reboot the switch and it will mostly be cleared of any config that has been set. If that is not wiped enough, try
(foo) #write erase all cmp: /mswitch/commands/corvina.cfg: No such file or directory Switch configuration and databases will be erased. The stacking database will not be erased, use 'restore factory_default stacking' for full factory default. Press 'y' to proceed :y Write Erase successful (foo) #
And if there's stacking config that needs to be wiped, too, bring in the 8 inch gun:
(foo) #restore factory_default stacking All configuration and stack settings will be restored to factory default on this member after reload. Press 'y' to proceed with reload: [y/n]: y System will now restart
And wait for it to start again. Stacking and all other config will have been wiped when it starts up again.
Default credentials and stuffs
Default management user is admin with a password of admin123. The default enable secret is enable.
I'm completely defaulted, fresh and clean, and ready to start the day. What do we do next?
Let's get network manageable! Network manageable! Let's get into network manageable!
(Olivia Newton John song) The twisted pair copper Ethernet port on the back of the switch is know as "MGMT" in the switch OS. Configuration is not too surprising:
(ArubaS3500-48P-US) #configure terminal Enter Configuration commands, one per line. End with CNTL/Z (ArubaS3500-48P-US) (config) #interface mgmt (ArubaS3500-48P-US) (mgmt) #ip address 172.16.0.72 255.255.255.0 (ArubaS3500-48P-US) (mgmt) #exit (ArubaS3500-48P-US) (config) #exit (ArubaS3500-48P-US) #write memory Saving Configuration... Save failed: Admin password same as default password Use "mgmt-user admin" command in configuration mode to change the admin password. (ArubaS3500-48P-US) #
Denied! Admin user's password must be changed before config can be saved. So...
Changing admin user's password
(ArubaS3500-48P-US) (config) #mgmt-user admin root Password:******** Re-Type password:******** (ArubaS3500-48P-US) (config) #exit (ArubaS3500-48P-US) #write memory Saving Configuration... Configuration Saved. (ArubaS3500-48P-US) #
Network managability. Take two.
The twisted pair copper Ethernet port on the back of the switch is known as "MGMT" in the switch OS. Configuration is not too surprising:
(ArubaS3500-48P-US) #configure terminal Enter Configuration commands, one per line. End with CNTL/Z (ArubaS3500-48P-US) (config) #interface mgmt (ArubaS3500-48P-US) (mgmt) #ip address 172.16.0.72 255.255.255.0 (ArubaS3500-48P-US) (mgmt) #exit (ArubaS3500-48P-US) (config) #exit (ArubaS3500-48P-US) #write memory (ArubaS3500-48P-US) #
And now an SSH client can connect to 172.16.0.72 as user admin with the password set above. Note that there is no route to another IPv4 subnet. So, must be inside the same address space.