0:45 thanks for the video :) My fan mod was to disconnect all stock case fans, and plug in a pc case fan to the 3 pin connector on the motherboard near the front right of the case. Then rest that case fan over the front right corner, over the only heatsink that gets hot. Running it without a case cover. Dead silent. Cheap.
I just purchased the 24 port version of the switch and used this video as a reference to configure a vlan. Thank you for the guidance. One thing I also had to do was issue the command "write memory" in order to have the configuration changes saved. If I didn't issue that command, configuration changes were lost after I power cycled the switch.
Great tutorial, ugh I just so wish this followed standard cisco style commands and stuff. But it is what it is, the controller for this MAS switch is pretty cheap too on ebay, cheaper than the switch actually, if anyone is interested. I think all the vlan stuff can be done from the web UI itself though. But thanks and guys don't forget to type write memory after exiting terminal, unless you wanan wait a while before restarting switch. I wish this video also included trunking configuration. Okay so trunking is relatively easy, just set mode to trunk to the trunk interface.
Been looking everywhere for this firmware - Aruba and HPE wont let you download it. Thank you! Also I checked the hash of the file in the dropbox and it matches whats listed on Arubas website, so I feel much better about it!
I was able to add the switch to my HPE Passport account on the Aruba support site, and then download the firmware file from the HPE site by logging in with the same SSO credentials. (Adding the device on the HPE contracts and warranties site didn't work since mine was a pre-buyout unit but it worked fine on the Aruba one)
Thanks for this video and the initial config one! I may do the fan mod but it isn't bothering me yet. I did have a question that maybe you could answer. Since these were designed for enterprise use, it seems some features, like IGMP are not fully enabled. I've tried to figure out how to enable them but am still having issues. At the root, my TiVo Minis can't see the TiVo Bolt unless it is on the same physical strand. If it has to go through the rj45 port it won't find the Bolt. This is definitely an Arurba issue since if I move them to a different switch there is no issue. Any thoughts? Thanks in advance and keep up the great videos.
i have a problem with flushing mac address in interface and port-channel. When i plug and unlug a cable connect pc to switch S2500-48T, the log will display "Flushing mac address interface and po channel". What's i have done to resolve it.
Hey, in your getting starting you talked about making this switch act as a router. Are you able to do a video for that? With this switch do I still need a router?
Hi Vicious, thank you for your detailed instructions, just got the S2500-24P and migrating from a Cisco SG200-26 in my home network. I have a few questions:1. Did you make any mods on your pfSense when you enabled jumbo frames on the switch? 2. Does it make sense to create a Lag/trunk from my pfSense router to the Aruba switch?
No mods on PfSense as its not on my Jumbo Frame VLAN, as for the 2nd. Depends on you needs/setup. I am letting the switch be my router for intervlan routing and have no need to inspect those packets at the firewall. If you want pfsense to do it, then yes it makes sense.
On the S2500 can we use AP for wireless access? In my specific case I have HP560 AP but before these APs were used with an 830 controller. Since the S2500 is not a controller would it behave as such for these APs? If so could you make a video about installing APs and the S2500?
I have to admit, there is little info on the Aruba S2500 switches. I have been struggling to get multiple vlans to pass through this switch. For example, I have my pfsense router connected to port 0/1/0. The psfense uses VLAN tagging for Vlan1, 20 and 30. I am using Ubiquiti AP's throughout my home that segregate network access through the 3 Vlans. The trouble I run into, is when I setting the trunk port of 0/1/0, How do I pass all the vlan traffic though it? Can someone show me an example?
Did you figure it out? See the question and his response to creating ports with multiple vlans - I think your AP port needs to be set as trunk as well (or maybe just tagged for 1,20,30) - otherwise by default they are set to only see vlan1.
From the standpoint of creating ports with multiple vlans - do you just add the access-vlan* and native-vlan* for each of the vlans to the switching profile? (I'm trying to create a all vlan trunk port and a wifi port with two vlans) Thanks for these videos, I'm so happy I got this switch!
Close but not quite. You would not create an access port but instead a trunk port. There is actually a default profile on the switch configured this way (plain trunk) You can combine native vlan with a trunk port so that any un-tagged traffic will automatically be tagged with that vlan. However for the most part you want to have your client device tagging its traffic to belong to a vlan on it's own and just have the port set as "trunk"
@@ViciousXUSMC Gotcha.. I think. So for my all vlan port(s) that is coming from my pfsense box - I use a trunk port using the plain-trunk profile. As far as my AP where I want the port to carry two vlans - It's still a trunk port, modifying it to include only the vlans I want?
Hey, your videos helped get me up and running with my switch, much appreciated. I'm hoping you pay be able to help me with a problem. I configured vlans like this with no ip since my router is doing tagging. the vlans work, but a couple of the wireless clients are sending dhcpdiscover broadcasts that make it back to the router, and the router sends a tagged dhcp offer to the client that never seems to make it there. The port to the router is trunked and the port to the APs are trunked as well. any insight would be greatly appreciated if you have any.
I'm curious: what DACs or SFP+ transceivers have you been using? I'm thinking about buying this switch for my 10Gb upgrade, but I've heard that there are some compatibility issues. I'd like to use a short DAC cable if possible. Your video series has been very informative, thanks!
There are some DAC that work, but it won't cost you much more to do a proper Optic SFP+ module. I got the finistars off this chart just to not take any chances. They were only like $7 on ebay and another $8 or so for my fiber. www.arubanetworks.com/support-services/interoperability/#SFP-XFP From other users what I can gather is that the switch is very picky about DAC but very not picky about optics. I do not think I have seen anybody say an Optic is not working yet.
Follow up to this, DAC cables for this are Vendor Locked. Care don't waste your money. HP cables I tried are working fine, but the Cisco and Supermicro cables i've tried won't light up - Couldn't find other affordable HP DAC cables in the lengths I needed so I went optical.
So, am I understanding this right? "access-vlan" is the same as what my procurve calls "tagged" and "native-vlan" is the same as what my ProCurve calls "untagged"? If this is the case a port can only belong to one "native-vlan" right, but unlimited "access-vlan? I just ordered an s2500 and it will be replacing my old 24 port layer2 ProCurve. On it I have my router port (going to my pfSense router) accept tagged packets on two different vlans, so I can have one vlan for home stuff, and one completely separate for server stuff, but they access the same pfSense router. Been working well on my ProCurve for some time, so I'm just trying to replicate it on the S2500.
I am using this switch with pfsense. Can someone help with Vlan tagging and untagging ports? I need to be able to do this for my access points. Thanks in advance.
Hi Vicious, any idea how to set up voice vlans using CDP or LLDP? The datasheet claims this is possible but I can't find anything related to voice settings.
Will you be doing any videos (or can you) that deal with stacking? I purchased a 48T and a 24P and have them connected. They have automatically created a stack, but now I'm a little lost as to how to manage the switches as a stack. Any ideas?
If they auto stacked, just connecting to the master should show the connections for both switches. Commands will be global to the stack. I have not tried myself this is just experience with other devices.
What is really interesting is that I can not find any documentation for this version of the OS (the latest). All of the documentation that I have found references commands that are not available in this switch. Have you found any kind of documentation?
@@BurnedOutGeek Other than preference no, they are the same. I'll see if I can look into it though. I just got two new Brocade switches and 2 new Ruckus AP's been busy around here :)
@@BurnedOutGeek Well I just fired up my 24P and connected it to the 48T via the 10gb. I had connectivity over vlan1 as the native vlan and put both ports as a trunk. I then needed to configure the default gateway on the 2nd switch to match what I had setup on the first switch. Everything is working perfect right now and they did not auto stack. I'll try to manually stack them soon and see how that works out.
Still have the switches, I also got some new Brocade switches I need to rack and do some videos on. So yeah I will do more. Just started a new job so things are crazy for a bit until I get settled back in.
I was able to find the latest firmware but when I try to unzip it, I am prompted for a password. do you know where I can find a copy that isn't zipped?
yes, using the interface range command. interface range gigabitehternet 0/0/1-0/0/16. This will allow you to pass commands to all the interfaces included in the range.
another good one, Just asking for someone thoughts Just ordered these. dose anything think these sfp will work. FTLX8571D3BCL SFP+ its off by one number is the supported list. I should think i'd be okay. Any thoughts. Jay
Does anyone know if the POE version of this switch is auto-sensing? IOW, will it fry the ethernet port of a desktop you plug into one of the gig eth ports with a regular CAT5 cable?
@Ted Thomas, Absolutely not. There would be a whole lot of computers with non-functioning NIC's if this was the case. The switch auto-senses whether to apply power based upon the device that is connected. Non-POE devices don't have this function so they work like normal ethernet ports.
@Vicious, noob question, any specific configuration needed to connect this to a wan? I plugged my router and a computer to this but somehow the computer can only access some sites like google.com but not others.
Wait a minute. Is there no way to tag two different VLANS to the same port? Whenever I try to add more than one "access-vlan" it just overwrites the previous one :(
Oh, Maybe you configure this as a "trunking port"? Sadly I don't speak Cisco. Apparently this is what Cisco means by trunking. (On my ProCurve a trunk was a group of link aggregated interfaces)
There is no setting for this. These services will listen on all IP's assigned to the device. You would need to create an IP access list to restrict devices to connect to the Ip you want.
I used some Cisco brackets, I had to widen some holes but they worked pretty much perfect. I used the actual mesh area for the screws not the screw hole.
amazing videos and it convinced me to buy a switch, everything set up fine and then i randomly starting getting the below issues This site can’t provide a secure connection192.168.1.249 didn’t accept your login certificate, or one may not have been provided. Try contacting the system admin. ERR_BAD_SSL_CLIENT_AUTH_CERT any ideas?
Vicious Computers I’ll give it a try and report back, I was able to update the firmware initially and without issue but I’ll make sure I’m booting from the correct partition
0:45 thanks for the video :) My fan mod was to disconnect all stock case fans, and plug in a pc case fan to the 3 pin connector on the motherboard near the front right of the case. Then rest that case fan over the front right corner, over the only heatsink that gets hot. Running it without a case cover. Dead silent. Cheap.
Thanks for showing the CLI and basic commands. You have a great voice for this too.
I just purchased the 24 port version of the switch and used this video as a reference to configure a vlan. Thank you for the guidance. One thing I also had to do was issue the command "write memory" in order to have the configuration changes saved. If I didn't issue that command, configuration changes were lost after I power cycled the switch.
It depends on Aruba switch, Enterprise switch(like 6300A & later)would save the Config within 5 minutes.
Thanks for a great tutorial--helped me a ton in setting up my S3500 PoE.
Great tutorial, ugh I just so wish this followed standard cisco style commands and stuff. But it is what it is, the controller for this MAS switch is pretty cheap too on ebay, cheaper than the switch actually, if anyone is interested. I think all the vlan stuff can be done from the web UI itself though. But thanks and guys don't forget to type write memory after exiting terminal, unless you wanan wait a while before restarting switch. I wish this video also included trunking configuration. Okay so trunking is relatively easy, just set mode to trunk to the trunk interface.
Been looking everywhere for this firmware - Aruba and HPE wont let you download it. Thank you! Also I checked the hash of the file in the dropbox and it matches whats listed on Arubas website, so I feel much better about it!
I was able to add the switch to my HPE Passport account on the Aruba support site, and then download the firmware file from the HPE site by logging in with the same SSO credentials.
(Adding the device on the HPE contracts and warranties site didn't work since mine was a pre-buyout unit but it worked fine on the Aruba one)
You can still download the firmware from HPE website today, can confirm. July 29, 2024.
Great info but I wish I could figure out how to install an SSL certificate on the switch so my browser will quit complaining.
I love this video, thanks so much for all your help. Do you have any tips on getting Link Aggregation working from the CLI setup?
I believe you forgot to set the MTU on the VLAN interface itself to a jumbo frame size. Showed as 1500 when you displayed the VLAN interface.
Thanks for this video and the initial config one! I may do the fan mod but it isn't bothering me yet. I did have a question that maybe you could answer. Since these were designed for enterprise use, it seems some features, like IGMP are not fully enabled. I've tried to figure out how to enable them but am still having issues. At the root, my TiVo Minis can't see the TiVo Bolt unless it is on the same physical strand. If it has to go through the rj45 port it won't find the Bolt. This is definitely an Arurba issue since if I move them to a different switch there is no issue. Any thoughts? Thanks in advance and keep up the great videos.
Any ideas on how to enable multicast would be much appreciated. I'm completely lost.
i have a problem with flushing mac address in interface and port-channel. When i plug and unlug a cable connect pc to switch S2500-48T, the log will display "Flushing mac address interface and po channel". What's i have done to resolve it.
Hey, in your getting starting you talked about making this switch act as a router. Are you able to do a video for that? With this switch do I still need a router?
Hi Vicious, thank you for your detailed instructions, just got the S2500-24P and migrating from a Cisco SG200-26 in my home network. I have a few questions:1. Did you make any mods on your pfSense when you enabled jumbo frames on the switch? 2. Does it make sense to create a Lag/trunk from my pfSense router to the Aruba switch?
No mods on PfSense as its not on my Jumbo Frame VLAN, as for the 2nd. Depends on you needs/setup. I am letting the switch be my router for intervlan routing and have no need to inspect those packets at the firewall. If you want pfsense to do it, then yes it makes sense.
@@ViciousXUSMC , please do a video on how to do inter-vlan routing on this switch. TIA
On the S2500 can we use AP for wireless access? In my specific case I have HP560 AP but before these APs were used with an 830 controller. Since the S2500 is not a controller would it behave as such for these APs? If so could you make a video about installing APs and the S2500?
I have to admit, there is little info on the Aruba S2500 switches. I have been struggling to get multiple vlans to pass through this switch. For example, I have my pfsense router connected to port 0/1/0. The psfense uses VLAN tagging for Vlan1, 20 and 30. I am using Ubiquiti AP's throughout my home that segregate network access through the 3 Vlans. The trouble I run into, is when I setting the trunk port of 0/1/0, How do I pass all the vlan traffic though it? Can someone show me an example?
Did you figure it out? See the question and his response to creating ports with multiple vlans - I think your AP port needs to be set as trunk as well (or maybe just tagged for 1,20,30) - otherwise by default they are set to only see vlan1.
From the standpoint of creating ports with multiple vlans - do you just add the access-vlan* and native-vlan* for each of the vlans to the switching profile? (I'm trying to create a all vlan trunk port and a wifi port with two vlans) Thanks for these videos, I'm so happy I got this switch!
Close but not quite. You would not create an access port but instead a trunk port. There is actually a default profile on the switch configured this way (plain trunk)
You can combine native vlan with a trunk port so that any un-tagged traffic will automatically be tagged with that vlan. However for the most part you want to have your client device tagging its traffic to belong to a vlan on it's own and just have the port set as "trunk"
@@ViciousXUSMC Gotcha.. I think. So for my all vlan port(s) that is coming from my pfsense box - I use a trunk port using the plain-trunk profile. As far as my AP where I want the port to carry two vlans - It's still a trunk port, modifying it to include only the vlans I want?
Hey, your videos helped get me up and running with my switch, much appreciated. I'm hoping you pay be able to help me with a problem.
I configured vlans like this with no ip since my router is doing tagging. the vlans work, but a couple of the wireless clients are sending dhcpdiscover broadcasts that make it back to the router, and the router sends a tagged dhcp offer to the client that never seems to make it there. The port to the router is trunked and the port to the APs are trunked as well. any insight would be greatly appreciated if you have any.
I'm curious: what DACs or SFP+ transceivers have you been using? I'm thinking about buying this switch for my 10Gb upgrade, but I've heard that there are some compatibility issues. I'd like to use a short DAC cable if possible. Your video series has been very informative, thanks!
There are some DAC that work, but it won't cost you much more to do a proper Optic SFP+ module. I got the finistars off this chart just to not take any chances. They were only like $7 on ebay and another $8 or so for my fiber.
www.arubanetworks.com/support-services/interoperability/#SFP-XFP
From other users what I can gather is that the switch is very picky about DAC but very not picky about optics. I do not think I have seen anybody say an Optic is not working yet.
Thanks, I think I'll follow your advice and use a short optical run.
Every time I try to create a VLAN the switch freezes and disconnects. What am I doing wrong?
Follow up to this, DAC cables for this are Vendor Locked. Care don't waste your money.
HP cables I tried are working fine, but the Cisco and Supermicro cables i've tried won't light up - Couldn't find other affordable HP DAC cables in the lengths I needed so I went optical.
I updated to this firmware and now my config changes wont save. Any ideas?
So, am I understanding this right? "access-vlan" is the same as what my procurve calls "tagged" and "native-vlan" is the same as what my ProCurve calls "untagged"? If this is the case a port can only belong to one "native-vlan" right, but unlimited "access-vlan?
I just ordered an s2500 and it will be replacing my old 24 port layer2 ProCurve. On it I have my router port (going to my pfSense router) accept tagged packets on two different vlans, so I can have one vlan for home stuff, and one completely separate for server stuff, but they access the same pfSense router. Been working well on my ProCurve for some time, so I'm just trying to replicate it on the S2500.
I am using this switch with pfsense. Can someone help with Vlan tagging and untagging ports? I need to be able to do this for my access points. Thanks in advance.
Why not do this through the GUI?
Hi Vicious, any idea how to set up voice vlans using CDP or LLDP? The datasheet claims this is possible but I can't find anything related to voice settings.
Bought one used from eBay I am unable to reset through the onboard menu what can I try
is this aruba or cisco switch?
the command really look like cisco
now HP owns the company, how can I update it, btw all your videos are great, thanks a lot. I use firefox 25 to interact with it btw.
Will you be doing any videos (or can you) that deal with stacking? I purchased a 48T and a 24P and have them connected. They have automatically created a stack, but now I'm a little lost as to how to manage the switches as a stack. Any ideas?
If they auto stacked, just connecting to the master should show the connections for both switches. Commands will be global to the stack. I have not tried myself this is just experience with other devices.
Right. I dont even know how to change which switch is the master. I'm assuming that it doesn't really matter?
What is really interesting is that I can not find any documentation for this version of the OS (the latest). All of the documentation that I have found references commands that are not available in this switch. Have you found any kind of documentation?
@@BurnedOutGeek Other than preference no, they are the same. I'll see if I can look into it though. I just got two new Brocade switches and 2 new Ruckus AP's been busy around here :)
@@BurnedOutGeek Well I just fired up my 24P and connected it to the 48T via the 10gb. I had connectivity over vlan1 as the native vlan and put both ports as a trunk. I then needed to configure the default gateway on the 2nd switch to match what I had setup on the first switch. Everything is working perfect right now and they did not auto stack. I'll try to manually stack them soon and see how that works out.
Are you going to keep going with the series of videos? One thing that might be helpful, well at least for me - Backing up and restore of configs.
Still have the switches, I also got some new Brocade switches I need to rack and do some videos on. So yeah I will do more. Just started a new job so things are crazy for a bit until I get settled back in.
I was able to find the latest firmware but when I try to unzip it, I am prompted for a password.
do you know where I can find a copy that isn't zipped?
False alarm I got it.
Helpful video! Does anyone know how to configure LACP/port trunking on this switch?
interface-profile lacp-profile namehere
groupid 1
independent-state
mode active
...and then...
interface gigabitethernet 1/0/x
lacp-profile namehere
can I assign a switching profile with a vlan to multiple ports at once....for example ge0/0/1-ge0/0/16 using one cli command
yes, using the interface range command. interface range gigabitehternet 0/0/1-0/0/16. This will allow you to pass commands to all the interfaces included in the range.
How could I aggregate more users as a manager in SW aruba by CLI?
in sw aruba 2930F
another good one, Just asking for someone thoughts Just ordered these. dose anything think these sfp will work.
FTLX8571D3BCL SFP+
its off by one number is the supported list. I should think i'd be okay.
Any thoughts. Jay
I'm 99.9999% sure they will. I have not seen any optic that did not, only the dac cables seem to be very picky.
Got a deal on Avago AFBR-709ASMZ-E2 from ebay for less than $7 each and some lc - lc om3 for another $7 each if you're still looking. They work great.
The ones I listed on eBay for 9 dollars show up as Aruba supported , thanks for the heads up
did they work for you? looking into getting them
DigitalCraver they did
so every thing is done though the console. and not the gui web interface. man if I get this switch I'm going to have a lot I mean a lot to learn.
Does anyone know if the POE version of this switch is auto-sensing? IOW, will it fry the ethernet port of a desktop you plug into one of the gig eth ports with a regular CAT5 cable?
@Ted Thomas, Absolutely not. There would be a whole lot of computers with non-functioning NIC's if this was the case. The switch auto-senses whether to apply power based upon the device that is connected. Non-POE devices don't have this function so they work like normal ethernet ports.
you know how to enable the trunk ?
@Vicious, noob question, any specific configuration needed to connect this to a wan? I plugged my router and a computer to this but somehow the computer can only access some sites like google.com but not others.
How i cant setup the IP from switch?
Wait a minute. Is there no way to tag two different VLANS to the same port? Whenever I try to add more than one "access-vlan" it just overwrites the previous one :(
Oh, Maybe you configure this as a "trunking port"? Sadly I don't speak Cisco. Apparently this is what Cisco means by trunking. (On my ProCurve a trunk was a group of link aggregated interfaces)
Yeah you can but they would be untagged. You can only have a single tagged vlan.
@@ViciousXUSMC I'm not quite understanding this part. Can you elaborate?
@@Someguy21341 i think vicious had that backwards, you can only have a single untagged VLAN and/or multiple tagged vlans
Does anyone know how to switch the management interface (web & ssh login) to a different VLAN? I can't seem to find this setting anywhere.
There is no setting for this. These services will listen on all IP's assigned to the device. You would need to create an IP access list to restrict devices to connect to the Ip you want.
Does anyone know a of a cheap set of rack mount hardware for an S2500? I can't find any that are compatible.
I used some Cisco brackets, I had to widen some holes but they worked pretty much perfect. I used the actual mesh area for the screws not the screw hole.
@@ViciousXUSMC Thanks! I'm guessing you used something like this: smile.amazon.com/gp/product/B06XC7NDY2
amazing videos and it convinced me to buy a switch, everything set up fine and then i randomly starting getting the below issues
This site can’t provide a secure connection192.168.1.249 didn’t accept your login certificate, or one may not have been provided.
Try contacting the system admin.
ERR_BAD_SSL_CLIENT_AUTH_CERT
any ideas?
Yes the certificate wont allow a secure connection, might find a different browser that works, or best yet use SSH to do everything.
Vicious Computers that’s what I was thinking but oddly enough SSH won’t work either, it seems to be refusing the connection as well
@@yankees01ful Use the USB method to install the very newest firmware and do a factor reset if needed.
Vicious Computers I’ll give it a try and report back, I was able to update the firmware initially and without issue but I’ll make sure I’m booting from the correct partition
@@ViciousXUSMC sadly still having an issue :-( i have a feeling its MAC port authentication related for some reason
If you have Aruba switch image for eve-ng lab plz send
Plz create svi in switch
write mem