• October 21, 2017, 01:33:33 PM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: Managing multiple switch access.  (Read 2084 times)

0 Members and 1 Guest are viewing this topic.

Offline Guillaume

  • Full Member
  • ***
  • Posts: 59
Managing multiple switch access.
« on: September 27, 2017, 03:06:28 PM »
Hi guys,

I've try to do my search on the web, but I wasn't very successful finding what I'm looking for. We are not a very very big company, but I do manage between 100-150 Avaya switch across all our office.

We are using a single admin username / password for the 2-3 IT who need to access them and configure it. Security-wise, we decided that it would be better to have separate credentials (username identifying the IT).

All our switch are configured with cli password local command. It's a pain to go into each switch to do password change. Is there a way that I'm missing to do something easier (other than an automatic script I guess) ?

I was about to check Radius Authentication. Still need to add each switch into Radius, but at least once it's done, you keep your credential at one place for the years after. But we still have a problem because we need to configure those credentials locally in case of a network problem and radius not being reachable. It would be nice that the switch update/add the Radius user locally at each login, just like a computer on the domain ?

How do you guys working with that ?


I was about to check Radius Authentification. Still need to add each switch into Radius. But at least once it's done, you keep your credential at one place. But we still have a problem because we need to configure those credential locally in case of a network problem and radius not being reacheable.

How do you guys working with that ?


Offline Sja

  • Rookie
  • **
  • Posts: 20
Re: Managing multiple switch access.
« Reply #1 on: September 28, 2017, 11:15:47 AM »
Hi

I never use MS for that,but you can just run Radius service from windows

https://www.youtube.com/watch?v=YmmObbL24lA

Bulk configuration change? try Solarwinds

1.http://www.solarwinds.com/kiwi-cattools
Very cost effective
2.http://www.solarwinds.com/network-configuration-manager
For bigger shops

Offline TankII

  • Hero Member
  • *****
  • Posts: 539
Re: Managing multiple switch access.
« Reply #2 on: September 29, 2017, 07:59:14 PM »
Radius users for the past 14 years!
First with Ascend Radius, then Steel Belted, now with Identity Engines.

Offline Řyvind Nikolaisen

  • Jr. Member
  • **
  • Posts: 49
Re: Managing multiple switch access.
« Reply #3 on: October 02, 2017, 01:00:18 AM »
We've been using TACACS+ linked to AD Groups to manage our 4.000+ network Devices, of which 800 or so are Avaya VSPs or Baystacks. Either way, get rid of the old way of using local passwords since they may be a pain in the posterior to manage!

Brgds
Řyvind
Best regards,

Řyvind Nikolaisen
Senior Network Engineer
Avaya ACE Fx #204

Offline Sja

  • Rookie
  • **
  • Posts: 20
Re: Managing multiple switch access.
« Reply #4 on: October 02, 2017, 05:13:36 AM »
We've been using TACACS+ linked to AD Groups to manage our 4.000+ network Devices, of which 800 or so are Avaya VSPs or Baystacks. Either way, get rid of the old way of using local passwords since they may be a pain in the posterior to manage!

Brgds
Řyvind
Waooo...
That is a big network!!
How big is your SPBM domain?

Offline Řyvind Nikolaisen

  • Jr. Member
  • **
  • Posts: 49
Re: Managing multiple switch access.
« Reply #5 on: October 11, 2017, 07:57:35 AM »
As SPBM Networks go, it isn't all that big really. Presently just 86 nodes, down from about 140 at max. We did play around with SPB on ERS4800s, but found the combination og 802.1x and SPB didn't work all that well. In addition, we have merged a number of ERS8600/8800s into VSP9000/VSP8000 cluster, thus the reduction in SPB nodes.

However, to give you an idea of what our network looks like, I've enclosed a screenshot from COM. Looks kind of impressive, doesn't it?
Best regards,

Řyvind Nikolaisen
Senior Network Engineer
Avaya ACE Fx #204

Offline Sja

  • Rookie
  • **
  • Posts: 20
Re: Managing multiple switch access.
« Reply #6 on: October 12, 2017, 04:51:11 AM »
As SPBM Networks go, it isn't all that big really. Presently just 86 nodes, down from about 140 at max. We did play around with SPB on ERS4800s, but found the combination og 802.1x and SPB didn't work all that well. In addition, we have merged a number of ERS8600/8800s into VSP9000/VSP8000 cluster, thus the reduction in SPB nodes.

However, to give you an idea of what our network looks like, I've enclosed a screenshot from COM. Looks kind of impressive, doesn't it?

Hi

Very impressive nice to see that scale..
Do you know about bigger SPB domain  den that ?
I know they say around 1000 BEB/BCB..
thanks for sharing

/SJA