enable web management

  • 1
  • Question
  • Updated 3 months ago
  • Answered

I apologize for the simple questions, but just inherited a
large campus network with numerous ICX switches that is basically a large dumpster fire.

Until I can get up to speed on the IOS, I want to enable Web management without the risk of causing any issues. 

 I can ssh just fine into the switch.

Changed “no web-management http” to “web-management http”, but can’t log in.

I assume I need to add:  “aaa authentication web-server default local”

Just want to confirm that? 

Thanks again & I really appreciate any response.

 

Cheers!
Photo of DeathAndGravity

DeathAndGravity

  • 7 Posts
  • 0 Reply Likes

Posted 3 months ago

  • 1
Photo of Ben

Ben, Employee

  • 82 Posts
  • 29 Reply Likes
That's correct. That aaa statement will use the local database. If you don't have a username yet, you can define one with:

conf t
username <user> password <password>
Photo of NETWizz

NETWizz

  • 183 Posts
  • 59 Reply Likes
Exactly, and you probably want to run web-management https to have your console encrypted.

You might also want to limit access to a standard access list...

web access-group 99


Photo of Josue Jimenez (C)

Josue Jimenez (C), Employee

  • 4 Posts
  • 4 Reply Likes
Hello,

I hope you are doing great today, that would be it if you enter that command, also there is more information here in case you need it http://docs.ruckuswireless.com/fastiron/08.0.60/fastiron-08060-webguide/GUID-43210924-D6FC-4FAB-B7E3...
Photo of DeathAndGravity

DeathAndGravity

  • 7 Posts
  • 0 Reply Likes
Perfect...  Thank you!
Photo of Chuck Inclema

Chuck Inclema

  • 3 Posts
  • 0 Reply Likes
I'm new to Ruckus as well and have used the follwoing commands on to begin configuring 5 Ruckus switches that a new client needs configured.

Below are commands that helped me get to the web interface. The switch needs an IP Address to gain access to the web interface.

hostname Main1_7150_C48P_ZP

enable super-user-password [ password ]
no enable super-user-password [ password ]

(Only for Layer 3 Router)
interface ethernet 1/1/47 (You choose the interface, Possibly the management Interface)
ip address 192.168.X.5 255.255.255.0
write memory

(For Layer 2 Switch)
ip address 192.168.X.5 255.255.255.0
ip default-gateway 192.168.X.1
write memory

To gain access to the web interface
crypto-ssl certificate generate
username [ username ] password [ password ]
aaa authentication login default local
aaa authentication web-server default local
write memory

Photo of NETWizz

NETWizz

  • 183 Posts
  • 59 Reply Likes
These are good.  It is a lot easier to configure via the CLI though to be honest.

On the Layer-3 firmware, most IPs will go on the VE's or a loopback for routing protocols.  The VEs are the VRIs (Virtual Router Interfaces), and are referred to as SVIs(Software Virtual Interfaces) on Cisco.

i.e. int ve 123 on the Ruckus vs int vlan 123 on a Cisco.



Other than that, you have untagged interfaces under a VLAN to assign access ports. If you use the TAGGED keyword under vlan and add interfaces, they are 802.1q trunk ports (i.e. same as dot1q on Cisco).  If you have both, the vlan an interface is untagged within serves as its native vlan, which used to be referred to as dual-mode if you see older documentation.

Hope that helps.

Hope that helps.