How do we force a user to use credentials when using the Web GUI of a 2930F
At present anyone can browse to the IP of the switch and view quite a bit of information.
We would like to make nothing available without logging in.
How do we do this?
By default, the switch has two administrative accounts: manager and operator, both without a password. What probably happens is that you set the manager password, but when you connect to the web interface it will use the operator account (password-less) by default, so not asking for any password.
In order to fix this, and two other things that you might not like: snmp-write with community public standard enabled, tftp server enabled so anyone can fetch the config without password, I use the following steps:
password manager user-name "swadmin" plaintext "admin123"
password operator user-name "operator" plaintext "password123"
no snmp-server community public
no snmp-server enable
no tftp server
Which changes the manager username and password, sets an operator password, removes the 'public' SNMP community and disables tftp. If you need SNMP, you might not want to disable the snmp server, but configure it instead.
From hardening perspective, I'd like to have syslog and ntp timesync configured:logging 10.1.254.20
ntp server 10.1.254.20
ntp server 10.1.254.28
time daylight-time-rule western-europe
time timezone 60
A document with the name HP - Hardening ProCurve Switches.pdf can be found on the internet which goes even deeper (and was the source of my command-set).
In the case, you want to go even further, search for 'Aruba 2920 Switch Series. FIPS 140-2 Non-Proprietary Security Policy' and find how you can even protect from people with physical access to the switch.
Just setting an operator password would fix your specific issue.
Thanks a million buddy, this was exactly what I needed and worked a treat.
I spend several hours to find the default password on aruba 2930F webcli. I finaly found it. Credentials are :username: adminpassword: adminI hope it coul help someone.I post this reply because it's the topic I alway found when I'was typing default password aruba 2930FThank you.Paul
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.