
Configure HP Procurve 2824 (J4903A)

We have an HP Procurve 2824 switch at both Telehouse and XO. We have the installation manual and management manual available.

Reset to factory defaults and set serial console

Do that by pressing both the reset and clear buttons with a staple, then releasing the reset button while keeping the clear button pressed. That may leave the switch in a state with all lights on. If so, try unplugging it and plugging it back in.

Next, try to access it via the serial console at 2400 baud.

  • Set the system contact, password, and IP configuration
    • Type: setup
    • Set system contact to: info@mayfirst.org
    • Enter Manager password - cannot be more than 16 characters!
  • Set the serial console
    # configure
    # console baud-rate 115200
    Command will take effect after saving configuration and reboot.
    # write mem
    # boot
    

After it restarts, you should re-connect using the new serial console settings.

Upgrade Firmware

As of 2012-11-3, the latest firmware on the site is i.10.77 built on 26-Aug-2009, posted on 26-Oct-2009.

  • To update the firmware:
    • Download the latest version to a machine connected to the switch
    • Install and start tftpd-hpa on the machine
    • On the server, type:
      menu
    • Select Download OS from the menu
    • Enter the IP address of the server and the remote file name (I_10_77.swi) and hit eXecute.
  • Set the hostname
    hostname cafiero
    

Harden the switch

  • Disable the telnet and web interface:
    configure
    no telnet-server
    no web-management
    
  • Fix the SNMP configuration (by default it allows public write access; we want public read-only access)
    configure
    snmpv3 enable
    snmpv3 only
    

When you run snmpv3 enable, you are prompted to create a user. Just take the defaults and hit "n" when you are asked to create a new sha user.

Now, delete the user you just created:

no snmpv3 user initial

Create a new user:

snmpv3 user cacti auth sha AUTHPASS priv aes PRIVPASS

Replace AUTHPASS and PRIVPASS with random passwords you generate and store in keyringer.

Lastly, give this user access:

snmpv3 group operatorauth user cacti sec-model ver3

Now, you should be able to configure cacti to use it. When configuring cacti, be sure to leave "context" blank.
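
One way to check a saved copy of the switch's running configuration against the hardening steps above. This is an added example, not part of the original wiki page; the two sample configurations are constructed, and the exact line format of the saved configuration is an assumption.

```python
import re

# Constructed sample: what a saved running-config might contain after the
# steps above (line format is an assumption, not captured from a switch).
SAMPLE_HARDENED = """\
hostname "cafiero"
no telnet-server
no web-management
snmpv3 enable
snmpv3 only
snmpv3 user "cacti"
snmpv3 group operatorauth user "cacti" sec-model ver3
"""

# Constructed sample of a config where the hardening steps were skipped.
SAMPLE_DEFAULT = """\
hostname "ProCurve Switch 2824"
snmp-server community "public" Unrestricted
snmpv3 enable
snmpv3 user "initial"
"""

def audit(config_text):
    """Return a list of findings; an empty list means every check passed."""
    text = config_text.lower().replace('"', "")
    lines = [l.strip() for l in text.splitlines()]
    findings = []
    # Settings the page applies must show up as explicit lines.
    for required in ("no telnet-server", "no web-management", "snmpv3 only"):
        if required not in lines:
            findings.append("missing: " + required)
    # The page deletes the auto-created user named "initial".
    if "snmpv3 user initial" in lines:
        findings.append("default snmpv3 user 'initial' still present")
    # A write-capable v1/v2c community contradicts the SNMPv3-only goal.
    for l in lines:
        if l.startswith("snmp-server community") and l.endswith("unrestricted"):
            findings.append("write-capable community: " + l)
    # Every remaining snmpv3 user should be bound to a group (last step above).
    users = set(re.findall(r"^\s*snmpv3 user (\S+)", text, re.M))
    grouped = set(re.findall(r"^\s*snmpv3 group \S+ user (\S+)", text, re.M))
    for u in sorted(users - grouped - {"initial"}):
        findings.append("snmpv3 user without group: " + u)
    return findings

if __name__ == "__main__":
    for name, cfg in (("hardened", SAMPLE_HARDENED), ("default", SAMPLE_DEFAULT)):
        print(name, audit(cfg) or "OK")
```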


Last modified on Nov 20, 2016, 3:03:31 AM
