Aruba & ProVision-based
1748236 Members
3553 Online
108759 Solutions
New Discussion юеВ

Re: Remote access HPE FlexFabric 5700

 
cvanaxel
Advisor

Cant connect the FlexFabric 5700 with the Aruba 2530 poe+: Remote access HPE FlexFabric 5700

Hi All,

Is it possible to change the remote access from the HPE flexfabric 5700. The only part i can find is to use the vlan 1 or the M-port. I dont want that. I want to add my own manage vlan to the switch. Because it will be part of a manage switch enviroment.

i did something like this.

interface Vlan-interface vlan 311

ip address 10.0.1.1 255.255.255.0

ip route-static 0.0.0.0 0 10.0.1.254

interface Ten-GigabitEthernet1/0/31
 port link-type trunk
 port trunk permit vlan all

35 REPLIES 35
cvanaxel
Advisor

Re: Remote access HPE FlexFabric 5700

I cant seem to connect the FlexFabric 5700 with the Aruba 2530 poe+.

conf Arube switch.

hostname "blabla"
trunk 1-5 trk1 lacp
trunk 45-46 trk2 trunk
trunk 47-48 trk3 lacp
trunk 51 trk4 trunk
trunk 10 trk5 trunk
trunk 43 trk6 trunk
trunk 44 trk7 trunk
trunk 41 trk8 trunk
trunk 42 trk9 trunk
trunk 52 trk10 trunk
trunk 11 trk11 trunk

timesync sntp
sntp unicast
sntp server priority 1 10.1.5.254
no telnet-server
time daylight-time-rule western-europe
time timezone 60
ip default-gateway 10.1.1.254
interface 1
   exit
interface 2
   exit
interface 3
   exit
interface 4
   exit
interface 5
   exit
interface 6
   exit
interface 7
   exit
interface 8
   exit
interface 9
   exit
interface 10
   exit
interface 11
   name "Storage.1 DOWN"
   exit
interface 14
   exit
interface 41
   exit
interface 42
   exit
interface 43
   exit
interface 44
   exit
interface 45
   exit
interface 46
   exit
interface 47
   exit
interface 48
   exit
interface 51
   exit
interface 52
   exit
snmp-server community "public" unrestricted
vlan 1
   name "DEFAULT_VLAN"
   no untagged 7-9,13-15,35,Trk1-Trk10
   untagged 6,12,16-34,36-40,49-50,Trk11
   ip address dhcp-bootp
   exit
vlan 5
   tagged Trk1-Trk11
   no ip address
   exit
vlan 111
   untagged 7
   tagged Trk1-Trk11
   no ip address
   voice
   exit
vlan 2123
   tagged Trk1-Trk11
   no ip address
   exit
vlan 3111
   name "switchvlan"
   tagged Trk1-Trk11
   ip address 10.1.1.1 255.255.255.0
   exit
vlan 3112
   tagged Trk1-Trk11
   no ip address
   exit
vlan 3113
   tagged Trk1-Trk11
   no ip address
   exit
vlan 3114
   tagged Trk1-Trk11
   no ip address
   exit
vlan 3115
   tagged Trk1-Trk11
   no ip address
   exit
vlan 3116
   tagged Trk1-Trk11
   no ip address
   exit
vlan 3117
   untagged 9
   tagged Trk1-Trk11
   ip address 10.1.22.25 255.255.255.0
   exit
vlan 3118
   tagged Trk1-Trk11
   no ip address
   exit
vlan 3119
   tagged Trk1-Trk11
   no ip address
   exit
vlan 3120
   tagged Trk1-Trk11
   no ip address
   exit
vlan 3121
   tagged Trk1-Trk11
   no ip address
   exit
vlan 3122
   tagged Trk1-Trk11
   no ip address
   exit
vlan 3123
   tagged Trk1-Trk11
   no ip address
   exit
vlan 3124
   tagged Trk1-Trk11
   no ip address
   exit
vlan 3125
   untagged 8
   tagged Trk1-Trk11
   no ip address
   exit
vlan 3126
   tagged Trk1-Trk11
   no ip address
   exit
vlan 3127
   untagged 35
   tagged Trk1-Trk11
   no ip address
   exit
vlan 3128
   tagged Trk1-Trk11
   no ip address
   exit
vlan 3129
   tagged Trk1-Trk11
   no ip address
   exit
vlan 3147
   untagged 14-15
   tagged Trk1-Trk11
   no ip address
   exit
spanning-tree Trk1 priority 0
spanning-tree Trk2 priority 4
spanning-tree Trk3 priority 4
spanning-tree Trk4 priority 4
spanning-tree Trk5 priority 4
spanning-tree Trk6 priority 4
spanning-tree Trk7 priority 4
spanning-tree Trk8 priority 4
spanning-tree Trk9 priority 4
spanning-tree Trk10 priority 4
spanning-tree Trk11 priority 4
no tftp server
no dhcp config-file-update
no dhcp image-file-update
no dhcp tr69-acs-url
password manager
password operator

 

conf FlexFabric 5700
#
 version 7.1.045, Release 2432P01
#
 sysname blabla2
#
 clock timezone Amman add 02:00:00
 clock protocol ntp
#
 telnet server enable
#
 irf mac-address persistent timer
 irf auto-update enable
 undo irf link-delay
 irf member 1 priority 1
 irf mode normal
#
 ip unreachables enable
 ip ttl-expires enable
#
 lldp global enable
#
 system-working-mode StandardBridge
 password-recovery enable
#
vlan 1
#
vlan 3111
 name "switch vlan"
#
vlan 3114
#
vlan 3116 to 3117
#
vlan 3120 to 3122
#
 stp global enable
#
interface NULL0
#
interface Vlan-interface3111
 ip address 10.1.1.199 255.255.255.0
#
interface FortyGigE1/0/41
#
interface FortyGigE1/0/42
#
interface M-GigabitEthernet0/0/0
#
interface Ten-GigabitEthernet1/0/1
 description Trunk UP blabla port 11
 port link-type trunk
 undo port trunk permit vlan 1
 port trunk permit vlan 3111 3114 3116 to 3117
#
interface Ten-GigabitEthernet1/0/2
 description Trunk UP RSW.1 port 12
#
interface Ten-GigabitEthernet1/0/3
#
interface Ten-GigabitEthernet1/0/4
#
interface Ten-GigabitEthernet1/0/5
#
interface Ten-GigabitEthernet1/0/6
#
interface Ten-GigabitEthernet1/0/7
#
interface Ten-GigabitEthernet1/0/8
#
interface Ten-GigabitEthernet1/0/9
#
interface Ten-GigabitEthernet1/0/10
#
interface Ten-GigabitEthernet1/0/11
#
interface Ten-GigabitEthernet1/0/12
#
interface Ten-GigabitEthernet1/0/13
#
interface Ten-GigabitEthernet1/0/14
#
interface Ten-GigabitEthernet1/0/15
 port access vlan 3117
#
interface Ten-GigabitEthernet1/0/16
#
interface Ten-GigabitEthernet1/0/17
 port access vlan 3117
#
interface Ten-GigabitEthernet1/0/18
#
interface Ten-GigabitEthernet1/0/19
#
interface Ten-GigabitEthernet1/0/20
#
interface Ten-GigabitEthernet1/0/21
#
interface Ten-GigabitEthernet1/0/22
#
interface Ten-GigabitEthernet1/0/23
#
interface Ten-GigabitEthernet1/0/24
#
interface Ten-GigabitEthernet1/0/25
#
interface Ten-GigabitEthernet1/0/26
#
interface Ten-GigabitEthernet1/0/27
#
interface Ten-GigabitEthernet1/0/28
#
interface Ten-GigabitEthernet1/0/29
#
interface Ten-GigabitEthernet1/0/30
#
interface Ten-GigabitEthernet1/0/31
#
interface Ten-GigabitEthernet1/0/32
#
interface Ten-GigabitEthernet1/0/33
#
interface Ten-GigabitEthernet1/0/34
#
interface Ten-GigabitEthernet1/0/35
#
interface Ten-GigabitEthernet1/0/36
#
interface Ten-GigabitEthernet1/0/37
#
interface Ten-GigabitEthernet1/0/38
#
interface Ten-GigabitEthernet1/0/39
#
interface Ten-GigabitEthernet1/0/40
#
 scheduler logfile size 16
#
line class aux
 user-role network-admin
#
line class vty
 authentication-mode scheme
 user-role network-admin
 user-role network-operator
 set authentication password hash 
 protocol inbound ssh
 idle-timeout 30 0
#
line aux 0
 user-role network-admin
#
line vty 0 63
 user-role network-operator
#
 ip route-static 0.0.0.0 0 10.1.1.254
#
 ssh server enable
#
 ntp-service enable
 ntp-service source M-GigabitEthernet0/0/0
 ntp-service unicast-server 10.1.10.9
#
radius scheme system
 user-name-format without-domain
#
domain system
#
 aaa session-limit telnet 1
 aaa session-limit ssh 1
 domain default enable system
#
role name level-0
 description Predefined level-0 role
#
role name level-1
 description Predefined level-1 role
#
role name level-2
 description Predefined level-2 role
#
role name level-3
 description Predefined level-3 role
#
role name level-4
 description Predefined level-4 role
#
role name level-5
 description Predefined level-5 role
#
role name level-6
 description Predefined level-6 role
#
role name level-7
 description Predefined level-7 role
#
role name level-8
 description Predefined level-8 role
#
role name level-9
 description Predefined level-9 role
#
role name level-10
 description Predefined level-10 role
#
role name level-11
 description Predefined level-11 role
#
role name level-12
 description Predefined level-12 role
#
role name level-13
 description Predefined level-13 role
#
role name level-14
 description Predefined level-14 role
#
user-group system
#
local-user admin class manage
 password hash 
 service-type ssh http https
 authorization-attribute user-role network-admin
 authorization-attribute user-role network-operator
#
 ip http enable
 ip https enable
 web idle-timeout 600
#
return

 

I cant ping them and on the switches they both cant ping.  Can anyone please help me out?

cvanaxel
Advisor

Re: Remote access HPE FlexFabric 5700

i tried this and still did not work. What is wrong.

HPE Flexfabric 5700

vlan 3111
 name "switch vlan"
#
 stp global enable
#
interface Bridge-Aggregation1
 port link-type trunk
 port trunk permit vlan all
 port trunk pvid vlan 3111
 link-aggregation mode dynamic
#
interface NULL0
#
interface Vlan-interface3111
 ip address 10.1.1.199 255.255.255.0
#
interface FortyGigE1/0/41
#
interface FortyGigE1/0/42
#
interface M-GigabitEthernet0/0/0
#
interface Ten-GigabitEthernet1/0/1
 port link-type trunk
 port trunk permit vlan all
 port trunk pvid vlan 3111
 port link-aggregation group 1

And on the procuve trk11 is untagged. But still i cant ping them.

bala5
Frequent Advisor

Re: Remote access HPE FlexFabric 5700

Hi,

1.is there any reachability between the devices ? If No 

2.Check the vlan is allowed on the trunk ports. If Yes

3.Check the port are tagged properly .

 

Bala
I work for HPE

Accept or Kudo

aybra
HPE Pro

Re: Remote access HPE FlexFabric 5700

Hello,

Just to clarify one thing, trunk for Aruba-OS means aggregation for HPE OS,.

1- In the first configurations you have configured Aruba as trunk (agg) and the 5700 normal link:

Aruba :

trunk 11 trk11 trunk

vlan 3111
   name "switchvlan"
   tagged Trk1-Trk11
   ip address 10.1.1.1 255.255.255.0
   exit

5700:

interface Ten-GigabitEthernet1/0/1
 description Trunk UP blabla port 11
 port link-type trunk
 undo port trunk permit vlan 1
 port trunk permit vlan 3111 3114 3116 to 3117
#

2- In the second configuration you have configured trunk (static agg) on Aruba but dynamic aggregation on 5700.

5700

interface Bridge-Aggregation1
 port link-type trunk
 port trunk permit vlan all
 port trunk pvid vlan 3111
 link-aggregation mode dynamic

#

Aruba

trunk 11 trk11 trunk
3 - i recommend to use the following configurations

5700 :

interface Ten-GigabitEthernet1/0/1
 description Trunk UP blabla port 11
 port link-type trunk
 undo port trunk permit vlan 1
 port trunk permit vlan 3111 3114 3116 to 3117
#

Aruba

remove trunk 11

and change vlan configuration :

vlan 3111
   name "switchvlan"
   tagged Trk1-Trk10, 11
   ip address 10.1.1.1 255.255.255.0
   exit

4- if you want to use agg we recommend the follwing configurations 

5700

interface Bridge-Aggregation1
port link-type trunk
 undo port trunk permit vlan 1
 port trunk permit vlan 3111 3114 3116 to 3117
 link-aggregation mode dynamic
#

Aruba

trunk 11 trk11  lacp

vlan 3111
   name "switchvlan"
   tagged Trk1-Trk11
   ip address 10.1.1.1 255.255.255.0
   exit

 

Finally hope this can help you.

best regards

I am an HPE Employee

Accept or Kudo

cvanaxel
Advisor

Re: Remote access HPE FlexFabric 5700

I tried that also. No connection

interface Bridge-Aggregation1
 port link-type trunk
 undo port trunk permit vlan 1
 port trunk permit vlan 2 to 4094
 link-aggregation mode dynamic
#
interface NULL0
#
interface Vlan-interface3111
 ip address 10.1.1.199 255.255.255.0
#
interface FortyGigE1/0/41
#
interface FortyGigE1/0/42
#
interface M-GigabitEthernet0/0/0
#
interface Ten-GigabitEthernet1/0/1
 description Trunk UP RSW.1 port 11
 port link-aggregation group 1

 

Aruba

 

trunk 11 trk11 lacp

vlan 3111
   name "switchvlan"
   tagged Trk1-Trk11
   ip address 10.1.1.1 255.255.255.0
   exit

 

Errors i get.

[5700]%Oct 10 10:08:49:293 2018 5700 IFNET/5/LINK_UPDOWN: Line protocol on the interface Ten-GigabitEthernet1/0/1 is down.
%Oct 10 10:08:49:311 2018 5700 LAGG/6/LAGG_INACTIVE_AICFG: Member port XGE1/0/1 of aggregation group BAGG1 changed to the inactive state, because the member po.
%Oct 10 10:09:03:456 2018 5700 DEV/1/FAN_DIRECTION_NOT_PREFERRED: Fan 1 airflow direction is not preferred on slot 1, please check it.
%Oct 10 10:09:03:457 2018 5700 DEV/1/FAN_DIRECTION_NOT_PREFERRED: Fan 2 airflow direction is not preferred on slot 1, please check it.
%Oct 10 10:09:08:840 2018 5700 LLDP/5/LLDP_PVID_INCONSISTENT: PVID mismatch discovered on Ten-GigabitEthernet1/0/1 (PVID 1), with RSW.1 11 (PVID 3111).


[5700]ping 10.161.1.1
Ping 10.1.1.1 (10.1.1.1): 56 data bytes, press CTRL_C to break
Request time out
Request time out
Request time out
Request time out
%Oct 10 10:09:38:841 2018 5700 LLDP/5/LLDP_PVID_INCONSISTENT: PVID mismatch discovered on Ten-GigabitEthernet1/0/1 (PVID 1), with Aruba 11 (PVID 3111).

aybra
HPE Pro

Re: Remote access HPE FlexFabric 5700

Hello  cvanaxel 

Can you please post the complete configuration of the two switches ?

best regards

I am an HPE Employee

Accept or Kudo

cvanaxel
Advisor

Re: Remote access HPE FlexFabric 5700

I added them as txt file.

Download

aybra
HPE Pro

Re: Remote access HPE FlexFabric 5700

Hello ,

you have to correct the Aruba configuration as follow :

vlan 1
name "DEFAULT_VLAN"
no untagged 7-9,13-15,35,Trk1-Trk10
untagged 6,12,16-34,36-40,49-50,Trk11
ip address dhcp-bootp
exit

vlan 3111
name "switch3111"
tagged Trk1-Trk11
ip address 10.161.1.1 255.255.255.0
exit

I am an HPE Employee

Accept or Kudo

cvanaxel
Advisor

Re: Remote access HPE FlexFabric 5700

I did that. Stll no result.

vlan 1
   name "DEFAULT_VLAN"
   no untagged 7-9,13-15,35,Trk1-Trk10
   untagged 6,12,16-34,36-40,49-50,Trk11
   ip address dhcp-bootp
   exit

vlan 3111
   name "switch3111"
   tagged Trk1-Trk11
   ip address 10.161.1.1 255.255.255.0
   exit

 

ping from the Aruba to 5700

Request timed out.