Wired

last person joined: an hour ago 

Bring performance and reliability to your network with the Aruba Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of the ArubaOS-Switch and ArubaOS-CX devices, and find ways to improve security across your network to bring together a mobile first solution.
Expand all | Collapse all

Aruba 2930F Web GUI

Jump to Best Answer
  • 1.  Aruba 2930F Web GUI

    Posted Sep 26, 2017 10:54 AM

    Hi Folks,

     

    How do we force a user to use credentials when using the Web GUI of a 2930F

    At present anyone can browse to the IP of the switch and view quite a bit of information.

    We would like to make nothing available without logging in.

    How do we do this?

     

    Thanks.

     

    Paul Maz.



  • 2.  RE: Aruba 2930F Web GUI
    Best Answer

    Posted Sep 27, 2017 03:39 AM

    By default, the switch has two administrative accounts: manager and operator, both without a password. What probably happens is that you set the manager password, but when you connect to the web interface it will use the operator account (password-less) by default, so not asking for any password.

     

    In order to fix this, and two other things that you might not like: snmp-write with community public standard enabled, tftp server enabled so anyone can fetch the config without password, I use the following steps:

     

    password manager user-name "swadmin" plaintext "admin123"
    password operator user-name "operator" plaintext "password123"
    no snmp-server community public
    no snmp-server enable
    no tftp server

    Which changes the manager username and password, sets an operator password, removes the 'public' SNMP community and disables tftp. If you need SNMP, you might not want to disable the snmp server, but configure it instead.

     

     

    From hardening perspective, I'd like to have syslog and ntp timesync configured:logging 10.1.254.20

    timesync ntp
    no sntp
    ntp unicast
    ntp server 10.1.254.20
    ntp server 10.1.254.28
    ntp enable
    time daylight-time-rule western-europe
    time timezone 60
    

    A document with the name HP - Hardening ProCurve Switches.pdf can be found on the internet which goes even deeper (and was the source of my command-set).

     

    In the case, you want to go even further, search for 'Aruba 2920 Switch Series. FIPS 140-2 Non-Proprietary Security Policy' and find how you can even protect from people with physical access to the switch.

     

    Just setting an operator password would fix your specific issue.



  • 3.  RE: Aruba 2930F Web GUI

    Posted Sep 27, 2017 08:48 AM

    Fantastic,

    Thanks a million buddy, this was exactly what I needed and worked a treat.

     



  • 4.  RE: Aruba 2930F Web GUI

    Posted Jan 03, 2021 10:52 PM

    Hello everyone,

    I spend several hours to find the default password on aruba 2930F webcli. I finaly found it. Credentials are :

    username: admin
    password: admin

    I hope it coul help someone.
    I post this reply because it's the topic I alway found when I'was typing default password aruba 2930F

    Thank you.
    Paul

     



    ------------------------------
    paul PRIKAZSKY
    ------------------------------



  • 5.  RE: Aruba 2930F Web GUI

    Posted Jan 08, 2021 04:55 PM
    By default, TCP ports 80 and 280 are enabled on the Brocade device. TCP port 80 (HTTP) allows access to the device Web Management Interface.



    My Gift Card Site
    ------------------------------
    Kevin Waters
    ------------------------------