HP Switching Tips
HP AAA RADIUS for logins
aaa authentication login privilege-mode
aaa authentication ssh login radius local
radius-server host 10.60.1.36 key 4fgrFQ}w$T0-phrL<AKCVBm#
HP Port Security
To allow a single host
!
port-security 10 mac-address 08000f-418a72 learn-mode static
port-security 10 action send-alarm
!
To allow multiple hosts;
!
port-security 10 learn-mode static
port-security 10 address-limit 2
port-security 10 mac-address c45444-e49954 c45444-e49953
port-security 10 action send-alarm
!
To remove configuration (configuration mode)
no port-security 10
HP vs Cisco MST
Cisco Configuration
config t
spanning-tree mode mst
spanning-tree mst configuration
instance 1 vlan 1-1001
revision 0
name MAX-NOC-MST
spanning-tree mst 1 root primary
HP Configuration
spanning-tree mode mstp
spanning-tree config-revision 0
spanning-tree config-name MAX-NOC-MST
spanning-tree instance 1 vlan 1-1001
spanning-tree
Configure DHCP Snooping
This will maintain a list of IP to MAC addresses
conf t
dhcp-snooping
dhcp
-snooping authorized-server 172.19.6.254nodhcp-snooping option 82
dhcp-snooping trust 50
dhcp-snooping vlan
Verify with;
1sh-snooping
dhcpbindingshdhcp-snooping stats
Configure DAI
arp-protect
arp-protect trust 50
arp-protectvlan 1
sh arp-protect statistics 1