Using HP Intelligent Management Center (IMC) to push out configuration changes to your Network Switches

I’m currently consulting out at a school and implementing some changes for their environment, one of which is tightening up their networking environment seeing as I don’t want to remote into 60 odd switches to make changes to each of them we can use HP’s Intelligent Management Center (which schools generally get on the cheap).  The task of adding the switches into IMC had already been done by the guys at the school already and is fairly quick to complete using the discovery wizard if everything on the switches is left at their default settings. Any kind of configuration can be pushed out via IMC apart from VLAN and ACL management which happens under the Services menu in their respective options.   For this example I’m configuring NTP for their switches, using the below CLI, replace xxx with your IPs;

time timezone 600
time daylight-time-rule southern-hemisphere
timesync sntp
sntp unicast
sntp server priority 1 172.16.xxx.xxx
sntp server priority 2 172.16.xxx.xxx

Now firstly we need to define a configuration template to push out.  Go to Service > Configuration Center > Configuration Templates optionally create a separate folder.  Go into your newly created folder and click Add > Manual Add.  Give the Template a Name and optionally select the switch models our configuration will apply to.  In the content window is where we enter our configuration and once done, hit OK to save.

IMC Deploying Device ConfigNow that we have our configuration ready, we navigate to Service > Configuration Center > Deployment Guide in the page that presents you select the configuration template that we made earlier. Then go in and select the devices we will be deploying this config to.  Once we have that we can also optionally select different deploy strategy options to do things like backup the existing config and save the running config after deployment. In our case I have asked IMC to backup the running configuration before deployment and then save the running config after deployment.  On the next page we can give our specific task a name and schedule a type and time, for this example I have set to run immediately.  After clicking next again we are presented with all of the options that we chose earlier to review.  If everything looks good we can hit finish and it will begin deploying the script (a window will pop up showing the status).

And that’s it.  You can use this feature to do all sorts of things such as pushing out other settings like DNS, SSH or improved security configurations.

 

Finding the location of a device using an IP or MAC Address in HP intelligent Management Centre IMC (like you could in ProCurve Manager)

Find a device using IMCI was out at a client recently helping to clean up their iMC implementation and make some recommendations regarding their network setup. I was asked if you could look up Switch and Port number location of an end user device like you could in ProCurve Manager (PCM). Sure you can, the feature has been around since HP Intelligent Management Centre 5.1 and to find it you simply need to go to;

Resources > Terminal Access > Real-Time Location.

You then just need to type in either an IP Address or MAC Address of the device and click OK. Results usually come back almost instantaneous (unlike PCM).  There isn’t any special configurations needed so long as iMC is talking to your switches.

How to Configure SNTP/NTP Time Source on HP ProCurve MSM 765zl Wireless Mobility Controller

I was recently investigating authentication methods for our Wireless system and wanted to test out Active Directory.  Basically, the controller would be checking directly with Active Directory if clients should be allowed to access our Wireless network.  After we started configuring Active Directory Authentication we noticed that the time on our MSM controller was off, going under Management -> Time only shows the time on the controller.  After a bit of Google Fu we found that the MSM Controller will get the time off the zl Chassis it is plugged into but you need to be on 5.5.3.0 or higher.

The below configuration is an example of logging into the MSM zl Module itself and configuring the time, you can also do this directly on your zl Chasis in config mode and using the NTP commands below.

First thing we need to do is find where our MSM module is installed on our zl chasis, we can do this by issuing the below command which outputs the below.

CoreSwitch(config)# show services
                Installed Services
 Slot   Index Description              Name
 B  1. Services zl Module              services-module
 B  2. HP ProCurve MSM765 zl Int-Ctlr  msm765-application

 
Okay, so now we know where the MSM module is, let’s log into it and get into configuration mode of the zl module by issuing the below commands.

CoreSwitch(config)# services  B 2
CoreSwitch(msm765-application-B)> enable
CoreSwitch(msm765-application-B)# conf
CoreSwitch(msm765-application-B)(config)#

And finally, we need to configure the NTP settings by configuring NTP, using the SNTP protocol and pointing it to an NTP server, which in our case was a Server 2008 R2 PDC.

CoreSwitch(msm765-application-B)(config)# ntp protocol sntp
CoreSwitch(config)# ntp server 1 10.1.0.104
CoreSwitch(config)# ntp server
CoreSwitch(config)#

Save Time by using CLI to Copy Command Output from HP switches to a TFTP Server

So I was recently doing some troubleshooting and needed to do a “show tech all” on a couple of our Switches to do some further analysis.  My usual way was to fire up PuTTY (or KiTTY which is an improved “fork” of Putty) and do a “show tech all” then manually copy and paste into a waiting notepad window to save the text file.

I recently found out there is a copy command that allows an administrator to copy a large number of configuration and logs files from a switch as well as a command-output option which allows an administrator to specify a CLI command to copy output of.  All you need to take advantage of this feature is an TFTP or SFTP server to copy the output to.  So a sample output to a TFTP server would be (where the IP address is your TFTP server and what ever filename you want to save the output as)

copy command-output "show tech all" tftp 172.16.20.57 show_tech_all.txt

After entering that in, you will see the switch perform the TFTP download with the output of the specified CLI command.  Once done, navigate to your TFTP (or SFTP) server Root Directory and you’ll have a show_tech_all.txt file ready to open in Notepad.  You can also do running config (swName# show run) and crash logs using the method above, just to TAB completion on the copy command to see what is available on your particular switch.