This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
- Community
- RUCKUS Technologies
- RUCKUS Lennar Support
- Community Services
- RTF
- RTF Community
- Australia and New Zealand – English
- Brazil – Português
- China – 简体中文
- France – Français
- Germany – Deutsch
- Hong Kong – 繁體中文
- India – English
- Indonesia – bahasa Indonesia
- Italy – Italiano
- Japan – 日本語
- Korea – 한국어
- Latin America – Español (Latinoamérica)
- Middle East & Africa – English
- Netherlands – Nederlands
- Nordics – English
- North America – English
- Poland – polski
- Russia – Русский
- Singapore, Malaysia, and Philippines – English
- Spain – Español
- Taiwan – 繁體中文
- Thailand – ไทย
- Turkey – Türkçe
- United Kingdom – English
- EOL Products
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- RUCKUS Forums
- RUCKUS Technologies
- ICX Switches
- ICX7150 "Zero-Touch" Config via TFTP (DHCP Option ...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-06-2023 06:01 PM - edited 07-06-2023 11:26 PM
Hello,
I am building out a "zero-touch" template for ICX. Switches will follow DHCP Option 66 to a TFTP server, grab a config according to mac address, and get setup. HOWEVER, in testing, I cannot log into auto-provisioned switches, even when supplying a username and pass in the config.
Example, ICX7150-C12-SwitchA.B.C.cfg (on TFTP server):
hostname ICX-XYZ
username super privilege 0 create-password MYFAVORITEPASS
username super2 privilege 0 create-password MYFAVORITEPASS
7150 is factory reset.
It grabs above config.
I can see from LLDP that switch took config and updated its hostname.
I can SSH to device, HOWEVER I cannot login as super or super2 (even with default pass sp-admin).
The same occurs if I omit the username lines. That is, auto-provision config on TFTP is only:
hostname ICX-XYZ
This also prevents login using the default sp-admin password.
What is the correct procedure to set users and passwords via TFTP auto-provisioning (Option 66/150)?
I may be missing a piece of documentation, and if so, I would appreciate a pointer to get myself up to speed.
Test device:
ICX7150-C12
FastIron 8.0.95kT211
Solved! Go to Solution.
Labels:
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-10-2023 08:52 AM
Hi Chandini thanks for the response,
You are correct about bad default config. I made the assumption that TFTP auto-provision behaves the same as the copy command (copy tftp running-config ...). It is not the same. TFTP auto-provision applies different AAA defaults.
With auto-provision it is necessary to apply an AAA rule like
aaa authentication login default local
(or a radius/tacacs AAA rule)
2 REPLIES 2
Labels
-
7250
1 -
802.3af PoE
1 -
802.3at PoE
1 -
AAA
1 -
ACL
1 -
auto-provision
1 -
auto-provisioning
1 -
Cluster synchronization
1 -
Crypto Keys
1 -
Deployment
1 -
dhcp-66
1 -
fastiron-10
1 -
fastiron-8
1 -
Firmware Upgrade
2 -
ICX
3 -
ICX 7150-C12p
1 -
ICX switch
2 -
ICX Switch Management
6 -
ICX-7150-C12
1 -
ICX-7550
1 -
ICX-8200
1 -
Installation
1 -
not enough electricity
1 -
overlad
1 -
Override PoE Operating Mode
1 -
PD overload
1 -
Poe
1 -
PoE mode.
1 -
power limitations
1 -
Proposed Solution
1 -
RADIUS
1 -
Routing
1 -
RUCKUS Self-Help
2 -
stack
1 -
stack password
1 -
tftp
1 -
Upgrade
1 -
Upgrade path
1 -
We
1 -
zero-touch
1
- « Previous
- Next »
