Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

SF/SG 300 managed switches Tips for OnPlus

Portal Feature
Constraints/Notes

Discovery

The SF/SG 300 series managed switches can be discovered via one of three methods:

•    Bonjour. If the device is set to issue Bonjour advertisements, it will be properly discovered and identified.

•    CDP. If the device is set to issue CDP advertisements, it will be properly discovered and identified.

•    Designated device driver. In the event that other discovery methods are disabled, the device can be discovered by manually designating a driver (Device Information window > Credentials tab, Device Driver), provided valid login credentials are provided.

After the device is discovered and credentials are provided, the switch will perform discovery on other devices found as CDP neighbors, as well as devices in the CAM table. If the switch is using the 1.1 or later firmware, it can be discovered via either SNMP2 or using the HTTP interface.

If the switch is using the 1.0 firmware and can be controlled via SNMP2, it will be fully supported. However, the 1.0 firmware does not support CDP, so no discovery of devices via CDP can be performed with the SF/SG 300 Series managed switch.

If the switch is using the 1.0 firmware and can only be managed via HTTP, the switch will be discovered, and some minimal information will be retrieved, but backup, restore, and firmware updates will not be supported, and additional discovery of other devices via CDP and CAM tables will not take place.

Access/Device Information

The SF/SG 300 managed switches can be accessed via SNMPv2, SNMPv3, or HTTP. The HTTP interface uses an XML API that is only fully supported in the 1.1 release of the device firmware. To work with SNMPv2 or v3, an appropriate view with read/write access must be created for the community that the OnPlus Agent will use. The community string must be entered into the device's SNMP credentials field.

To create SNMPv2 credentials to enable this device to work with the OnPlus Portal: 1. On SG, Security > TCP/UDP Services > SNMP service enable. 2. On SG, create SNMP Community string as read/write

3. On the Portal enter the SNMP Community string in Credentials > SNMP Access in the Device Information window.

The SF/SG 300 driver fully supports both SNMPv3 and SNMPv2.

If you create SNMPv3 credentials for the device and set them to be usable, the driver will attempt to use those drivers in preference to any SNMPv2 credentials.

The 1.1 releases of the SF/SG 300 firmware support SNMPv3, but there are a few restrictions.

•    The firmware does not save users that have been defined for SNMPv3. This means that any time the device reboots, you will need to enter the credentials again.

•    The device does not support AES for a privacy protocol - you must use DES.

•    The device does not support the use of passphrases for Privacy. Since the Cisco OnPlus SNMPv3 authentication models only use passphrases (not keys), you cannot use Privacy with this device.

For an example of how to set up an SF/SG 300 to use SNMPv3, follow these steps:

In the device's web page go to SNMP:Engine ID, select the Use Default radio button, and click Apply.

In the device's web page, go to SNMP:Groups and add a group. Set the group name to authnopriv, select Security Model SNMPv3, check the Authentication and No Privacy box, and give the device Read, Write, and Notify privileges as DefaultSuper. Click Apply.

User SNMP:Users, add a new user called admin, using the Local Engine ID. Set the group name to authnopriv, set the Authentication method to MD5 password, and set the password to Password01. Click Apply.

Under Security:TCP/UDP Services, enable SNMP and click Apply. Then save the settings in Admin File management.

You can now go to your OnPlus device control page, go the SNMP credentials page and click the SNMPv3 radio button. Select the corresponding settings and click OK. Your credentials should now validate properly with the SF/SG 300 device.

Device Configuration Backup and Restore

Backup and restore of the SF/SG 300 series managed switch can be performed using either SNMPv2 or the HTTP/XML API. Firmware 1.1 fully supports backup and restore. Firmware 1.0 will only do backup and restore on devices that can be controlled via SNMPv2. When the device has startup- config reloaded, a reboot is issued.

Upgrade Firmware

Firmware updates are supported on the SF/SG 300 Series of managed switches using either SNMPv2 or the HTTP/XML API. The procedure is fully supported with the 1.1 firmware, but the 1.0 firmware requires that you enable SNMPv2 on your device.

The SF/SG 300 series switch has space for two images: an active image and a backup image. When a firmware install is requested, the system checks to ensure that the image is not the active or backup image. If it matches either image, the file transfer is aborted. If this is a new firmware file, it is copied to the device. The switch will copy the new image file on top of the inactive image. The switch has a flag to indicate which image will be active after reboot. This flag is modified to indicate that the newly loaded firmware will be active after a restart. A restart is then sent to the device and the new image loads. The reboot can take 2-3 minutes.

While that process is running, the OnPlus Agent continually tries to reconnect. The OnPlus Agent checks to determine if the device aquired a new IP address.

Remote Access

The web interface to the SF/SG 300 Series managed switch can be accessed using remote access. SNMP control of the device is not available via remote access.

Note: Cisco OnPlus Service was tested with the following models:

  • SF300-24P
  • SF300-10P
  • SF302-08
  • SF300-48
  • SG300-28P
  • SG300-10P
  • SG300-10
  • SF300-24MP
  • SG300-28MP
  • SG300-52P
  • SG300-52MP
  • SG300-10SFP

Feature support is expected to apply to all other models in the series.

Version history
Revision #:
1 of 1
Last update:
‎07-11-2011 04:37 PM
Updated by:
 
Labels (1)