Hello, my name is Tyler McMinn with Aruba Networks, and this is the Networking Essentials video course. In this video, we're going to follow up with our last video on the management interface and actually use the dedicated management port to attach to our switch using secure SSH through the command line, and the remote HTTPS protocol to open up a browser, and take a look at the graphical user interface that our switch provides. In addition, we'll cover checkpoints and how to do our own backups by name so we can roll back to the system state at which we created those checkpoints. Here we go. If you recall we went and showed you this 3D catalog of the switches in an earlier video, and on this say 6300 if I pop this open at the very front of this you'll see that there is a console port that we've been using here. If you're able to reach into the switch itself, and there's this management interface. Here's the console port with a USB cable so you have to be actually right there in front of the switch, but I could set a management interface to its own separate network and reach that from wherever. That's what we're doing here is we're going to utilize this management interface into my home network and get that connected. How do I set that up? How do I validate that? Because when I was looking at my interfaces I didn't see anything about a management port that I could actually use. If I do a show ip or show interface brief there's no management interface, show ip interface brief there's no management interface. What you actually we need to do is do a show interface management. It's its own separate port, it's its own separate routing table, it's its own separate thing. If I look here I didn't know configuration. This port on our switches is going to automatically be up and running, and automatically be running DHCP. As long as I physically connect it to a network where it can actually pull DHCP what we're going to find is that it works out perfectly. It actually pulls an address and this is in my home network. It pulls a gateway, a name server, everything. That means I could open up my own computer, and I'll fire up something like PuTTY or whatever. You can use any command-line tool. By default PuTTY uses the Telnet protocol. Let's see what happens if I use that. I'll go to 192.168.1. whatever this is. Now this is in my own house. Physically on my own computer I'm trying to connect to this. What I get is I get a popup message saying here, "Connection refused". The reason for that is that Telnet is disabled on all of our Aruba devices. Instead of Telnet what I'm going to end up doing is I'm going to click this button for SSH or whatever tool you want to use to connect with SSH. There's a ton of them out there PuTTY is just a free one that I like. I'll go ahead and go to the same address, and this time I get a pop-up saying wow, security alert, this site is sending you a self-signed certificate. Do you trust that this is actually the site you want to go to? Of course I do? I'll go and hit Yes, and that saves that certificate and allows me to encrypt my connection to the switch. I'm login with Aruba, and the password I'm going to use is the aruba123. Our admin and aruba123. This was the same username and password that we set up before, and look at that I'm on the access switch. Same commands are allowed, but now I'm connecting from a remote session rather than having to stand right in front of the switch through this remote network I'm connected to my home PC here. I don't know what I'm drawing but we'll say that's my desktop or whatever, and I'm able to connect this way through my home network. Pretty neat that it lets me do that, and in addition to that I can actually can Open up a browser. I got a browser here, and go to the address of the switch. When I do I get a GUI connection. Same thing here it'll pop up with a certificate asking me to accept it. I've already done that. Let me go ahead and login now with the same credential I used for SSH. This is what all your CX switches will look like to one degree or another. when you open up the browser. A huge screen full of deep analytics that can track your switch behavior over time. You can go to your interfaces we can see port one and port three are up, and I've got statistics about each of those ports if I were to select them I can get a deeper dive on that. What VLANs I have running? I got VLAN 1 up and running. We'll talk about VLANs more later. I can go to the system look at environmental stuff, look at my configurations that I've saved, all diagnostics are available here as well, and management. More importantly you can actually Install scripts to run on local agents that can monitor statistics and other changes over time or react to changes that you can configure. To check out more about the scripting piece or what we call the Network Analytics Engine. You can go to the Solution Exchange and Download any scripts that they have available once you sign in. It's all free to play around with. Alerts all stuff at the top of the screen. You can manage all of this. We can reboot it, save the config, or access it through an API. All good stuff. In this case I'm just going to close it out, but each of our switches would support that it's all free with the Network Analytics Engine allowing that browser connectivity. A lot of commands there that we covered on the troubleshooting side and actually going in and managing the switch from this GUI interface here. Let me put those commands down to PuTTY and with SSH, checking with Telnet seeing it fail, and then actually open up to GUI. The last piece I want to show is going to be the checkpoints, and then we'll go ahead and take a look at the second switch here. The checkpoint portion are those saved checkpoints that you can create yourself or you could use the system generated ones. When I did a Save I did a write memory that copies the running-config to the startup-config. The startup-config shows up as a checkpoint. If you show checkpoint list this would list out the existing checkpoints that I have, and the ones that are generated by the system. A system-generated one is after you stop making a change, and you don't type anything for five minutes it'll take a checkpoint. It has a limited list of these so it'll do the first in first out, but I can do my own checkpoints by Copying my running-config to a checkpoint that we could call Part1_Complete. How about that. You can call whatever you want as long as there are no spaces. Now if I do a show checkpoint list I've got that checkpoint that I could roll back to in the event that I wanted to do a checkpoint rollback. It would replace my current configuration and the state of my switch with whatever was occurring the moment that I took that checkpoint. It's more than just a backup of your running-config. It's the actual system state of your switch. Pretty cool. This idea of checkpoints. We may play with that a bit later. In this video we cover checkpoints, we cover the management interface, we covered accessing the management interface remotely using SSH or graphical user interface. In the next video, we're going to take a look at an actual troubleshooting scenario, and given our current environment that we built so far. Thank you very much for your time. I look forward to speaking with you in the next video.
