Brocade Switch Access Through SSH and Web Tools - NETSEC


Learning, Sharing, Creating

Cybersecurity Memo

Thursday, March 30, 2017

Brocade Switch Access Through SSH and Web Tools

1. Through SSH
It is pretty straightforward, launch ssh client, enter your switch ip and credential, you will be in the command line.


TEST1BRO1:FID128:admin> help
aaaconfig                  Configure RADIUS for AAA services
ad                         Specifies all administration domain (AD)-level 
ag                         Configure the Access Gateway feature
agautomapbalance           Configure the Access Gateway automapbalance feature
agshow                     Displays the Access Gateway information registered 
                           with the fabric
agtcfgdefault              Reset SNMP agent to factory default
aliadd                     Add a member to a zone alias
alicreate                  Create a zone alias
alidelete                  Delete a zone alias
aliremove                  Remove a member from a zone alias
alishow                    Print zone alias information
apploginhistory            Used to how the login history of external 
aptpolicy                  Get and set Advanced Performance Tuning policy
auditcfg                   Modifies and displays audit log filter 
auditdump                  Display audit log
authutil                   Get and set authentication configuration
bannerset                  Set security banner
bannershow                 Display security banner
bcastshow                  Display broadcast routing information
bladecfggemode             Configure 1GigE/10GigE port configuration for blade
bladedisable               Disables all user ports on a blade.
bladeenable                Enables all User Ports on a blade.
bladeswap                  Swaps area numbers for all ports on a blade
bootluncfg                 Configure boot LUN for an HBA
bottleneckmon              Configure port bottleneck monitor
bpportloopbacktest         Functional test of port via blade processor path.
bpturboramtest             MBIST test for AP blade BP ASICs
bufopmode                  Configure buffer credit model
ceeportledtest             Cycle user port LEDs.
ceeportloopbacktest        Functional test of port N->N path.
ceeturboramtest            MBIST test for ASICs
cfgactvshow                Display Effective zone configuration information
cfgadd                     Add a member to a configuration
cfgclear                   Clear all zone configurations
cfgcreate                  Create a zone configuration
cfgdelete                  Delete a zone configuration
cfgdisable                 Disable a zone configuration
cfgenable                  Enable a zone configuration
cfgmcdtmode                Configure legacy MCDT zoning behavior
cfgremove                  Remove a member from a configuration
cfgsave                    Save zone configurations in flash
cfgsaveactivetodefined     Moves the effective configuration to the defined 
cfgshow                    Print zone configuration information
cfgsize                    Print size details of zone database
cfgtransabort              Abort zone configuration transaction
cfgtransshow               Print zone configurations in transaction buffer
chassisbeacon              Set chassis beacon on or off
chassisconfig              Display or set the chassis configuration
chassisdisable             Disable all ports in chassis
chassisdistribute          Distributes data to physical chassis in a fabric
chassisenable              Enable all ports in chassis
chassisname                Display or set the chassis's Name
chassisshow                Display all Field Replaceable Units (FRU)
clihistory                 Displays a log of most recently executed CLI 
cmsh                       Start CEE Management Shell
configdefault              Reset config to factory default
configdownload             Load switch config from a server
configlist                 List the stored config files
configremove               Remove a stored config file
configshow                 Print switch config parameters
configupload               Save switch config to a server
configure                  Set logical switch config parameters
configurechassis           Set chassis config parameters
cryptocfg                  Configure encryption node functions
datatypeshow               Display available diagnostic data types.
date                       Print/set the system date and time
dbgshow                    Display debug levels of various modules
defzone                    Activates or deactivates a default zone 
diagclearerror             Clears diagnostics failure status.
diagdisablepost            Disable diagnostic POST.
diagenablepost             Enable diagnostic POST.
diaghelp                   Display diagnostic command descriptions.
diagpost                   Displays the contents of port registers and 
diagretry                  Sets diagnostic retry mode
diagshow                   Display diagnostic status.
diagstatus                 Display currently running diagnostic tests.
distribute                 Distributes data to switches in a fabric.
dlsreset                   Configure dynamic load sharing (DLS) option
dlsset                     Configure dynamic load sharing (DLS) option
dlsshow                    Display the state of the dynamic load sharing 
dnsconfig                  Configure DNS service
enclosureshow              Display the switch enclosure attributes
errclear                   Clear error log
errdelimiterset            Sets the error log start and end delimiter for 
                           messages sent to the console and syslog
errdump                    Print error log (no page breaks)
errfilterset               Sets a filter for an error log destination
errmoduleshow              Displays all the defined modules in the system
errshow                    Print error log
fabportshow                Display contents of a particular port's data
fabretryshow               Display retry count of various fabric commands
fabriclog                  Displays or manipulates the fabric log
fabricprincipal            Configure Principal Switch Selection mode
fabricshow                 Print fabric membership info
fabstatsshow               Displays the fabric statistics information
fabswitchshow              Display fabric switch state information
fandisable                 Disables a fan unit.
fanenable                  Enables a fan unit.
fanshow                    Print fan status
fastboot                   Reboot this switch and bypass POST
fastwritecfg               Configure FC fastwrite feature
fcipchiptest               Functional Test of Components in FCIP Complex.
fciphelp                   Print FCIP help info
fcipledtest                Cycle user port LEDs.
fcippathtest               Data Path Test of the FCIP complex.
fcoe                       Displays and configures FCoE ports FIP and fcmap 
fcoelogincfg               Enable/Disable Save or display FCoE login 
fcoelogingroup             Creates or modifies FCoE login configuration
fcping                     Sends a FC ELS ECHO request to a port
fcplogclear                Clear the FCP log
fcplogdisable              Disable logging of FCP events
fcplogenable               Enable logging of FCP events
fcplogshow                 Display FCP probing log information
fcpprobeshow               Display FCP probing information
fcprlsshow                 Display FCP RLS (read link state) information
fcrbcastconfig             Configure interfabric broadcast frame forwarding
fcrchiptest                Functional Test of FCR FPGA.
fcrconfigure               Sets FC Router configuration parameters.
fcredgeshow                Displays FIDs assigned to defined EX_Port
fcrfabricshow              Displays FC Routers on a backbone fabric.
fcrlsan                    Configure LSAN policies
fcrlsancount               Display maximum LSAN zone limit.
fcrlsanmatrix              Manage LSAN fabric matrix configuration.
fcrpathtest                Data Path Test on Connection between FCR FPGA and 
                           Central ASIC.
fcrphydevshow              Displays FC Router physical device information.
fcrproxyconfig             Displays or configures proxy devices presented by 
                           an FC Router.
fcrproxydevshow            Displays FC Router proxy device information.
fcrresourceshow            Displays FC Router physical resource usage.
fcrrouterportcost          Modify FC Router port cost configuration.
fcrrouteshow               Displays FC Router route information.
fcrxlateconfig             Displays or persistently configures a translate 
                           (xlate) domain's domain ID for both 
                           EX_Port-attached fabric and backbone fabric.
fddcfg                     fddcfg manages the fabric data distribution 
                           configuration parameters.
fdmicacheshow              Display abbreviated remote FDMI device information 
                           according to remote domain ID
fdmishow                   Display detailed FDMI device information
ficoncfg                   Manage FICON configuration
ficonclear                 Clears contents of the specified FICON management 
ficoncupset                Sets FICON-CUP parameters for a switch
ficoncupshow               Displays FICON-CUP parameters for a switch
ficonhelp                  Displays FICON commands
ficonshow                  Displays contents of the specified FICON management
fipscfg                    Configure FIPS mode operation
firmwarecommit             Commit firmware to stable storage
firmwaredownload           Download firmware into switch
firmwaredownloadstatus     Display the progress and status of firmwareDownload
firmwarekeyshow            Manage the keys used to check firmware signatures
firmwarekeyupdate          Manage the keys used to check firmware signatures
firmwarerestore            Restore the old firmware in the switch
firmwareshow               Display firmware versions in the switch
fmconfig                   Configure Frame Monitors
fosconfig                  Enable/disable FabOS services
fosexec                    Invoke command in alternate VF context
framerpathtest             Tests data path between ASICs
frureplace                 Replace a Field Replacable Unit
fspfshow                   Print FSPF global information
fwalarmsfilterset          Configure alarms filtering for Fabric Watch
fwalarmsfiltershow         Show alarms filtering for Fabric Watch
fwclassinit                Initialize all Fabric Watch classes
fwconfigreload             Reload Fabric Watch configuration
fwconfigure                Configure Fabric Watch
fwfrucfg                   Configure FRU state and notification
fwhelp                     Print Fabric Watch help info
fwmailcfg                  Configure Fabric Watch Email Alert
fwportdetailshow           Create a report with detailed port information
fwsamshow                  Show availability monitor information
fwset                      Set port persistence time
fwsettocustom              Set boundary & alarm level to custom
fwsettodefault             Set boundary & alarm level to default
fwshow                     Show thresholds monitored and port persistence time
grep                       Linux grep command
h                          Print shell history
hadisable                  Disables the High Availability feature in the 
hadump                     Displays information about the status of the High 
                           Availability feature in the switch.
haenable                   Enables the High Availability feature in the switch
hafailover                 Forces the failover mechanism so that the Standby 
                           Control Processor (CP)becomes the Active CP.
hashow                     Displays control processor (CP) status
hasyncstart                Enables HA state synchronization.
hasyncstop                 Disables the HA state synchronization.
help                       Print this list
historylastshow            Displays last history record
historymode                Display or set the mode of the history log
historyshow                Displays entire history log
i                          Display process summary
iclcfg                     Configure ICL state
ifmodeset                  Set the link operating mode for a network interface
ifmodeshow                 Display the link operating mode for a network 
interfaceshow              Display the FSPF (TM) interface information
interopmode                Displays/enables/disables Brocade switch 
                           interoperability with switches from other 
ioddelayreset              Configure in-order-delivery (IOD) delay parameter
ioddelayshow               Configure in-order-delivery (IOD) delay parameter
iodreset                   Turn off the in-order delivery (IOD) option
iodset                     Manage the in-order delivery (IOD) option
iodshow                    Display the state of the in-order delivery option
ipaddrset                  Set ethernet and FC IP addresses
ipaddrshow                 Print ethernet and FC IP addresses
ipfilter                   Manage/display IP filters
ipsecconfig                Configure IPSec feature
iscsihelp                  Print iSCSI help info
islshow                    Display the current connections and status
killtelnet                 Terminate telnet/serial login sessions 
ldapcfg                    Configure LDAP role mapping
ledtest                    Cycle system LEDs.
lfcfg                      Configure logical fabrics
lfexec                     Invoke command in alternate VF context
licenseadd                 Adds license keys to switch
licensehelp                Print license help info
licenseidshow              Displays the system license ID
licenseport                Configure per-port POD license assignments
licenseremove              Removes a license key from this system
licenseshow                Displays current license keys
licenseslotcfg             Configure licenses on a slot basis
linkcost                   Set or print the FSPF cost of a link
login                      Login as a new user
logout                     Logout from remote session
lscfg                      Configure logical switches
lsdbshow                   Displays the FSPF link state database
memshow                    Display memory usage in the system.
minispropshow              Displays ASIC pair properties.
more                       Linux more command
mscapabilityshow           Display Management Server Capability.
msconfigure                Configure Management Server
msfr                       Create a MSFR Zone
msplatshow                 Display the Management Server Platform Database
msplatshowdbcb             Display the Management Server Database Control 
msplcleardb                Clear the Management Server Platform Database 
msplmgmtactivate           Activate the Management Server Platform Database 
msplmgmtdeactivate         Deactivate the Management Server Platform Database 
mstddisable                Disables the Management Server Topology Discovery 
                           Management Service
mstdenable                 Enables the Management Server Topology Discovery 
                           Management Service
mstdreadconfig             Display status of Management Server Topology 
                           Discovery Service
myid                       Display the current login session details
nbrstateshow               Display FSPF (TM) neighbors' states
nbrstatsclear              Reset the FSPF (TM) interface counters
netstat                    Display network connections and statistics
nodefind                   Display all the devices' PID matching the given 
                           world wide name
nsaliasshow                Display local Name Server information with Aliases
nsallshow                  Print global Name Server information
nscamshow                  Print local Name Server Cache information
nsshow                     Print local Name Server information information
nszonemember               Display the information of all the online devices 
                           which are zoned with the given device.
openfr                     Create a MSFR Zone
opensource                 Display information on open source software 
                           utilized in FabOS
passwd                     Set usernames and passwords
passwdcfg                  passwdcfg manages the password policies.
pathinfo                   Display routing information between two ports
pdshow                     Show information from Panic Dump file
perfaddeemonitor           Add end-to-end monitor
perfaddipmonitor           Add monitor for IP trafic frame count
perfaddreadmonitor         Add filter-based monitor - SCSI Read
perfaddrwmonitor           Add monitor - SCSI Read and Write
perfaddscsimonitor         Add monitor for SCSI frame count
perfaddusermonitor         Add filter-based monitor
perfaddwritemonitor        Add filter-based monitor - SCSI Write
perfcfgclear               Clear Performance settings from FLASH
perfcfgrestore             Restore Performance configuration from FLASH
perfcfgsave                Save Performance configuration to FLASH
perfclearalpacrc           Clears the CRC error count associated with a port 
                           and Arbitrated Loop Physical Address (AL_PA).
perfcleareemonitor         Clears statistics counters of one or more 
                           end-to-end performance monitors.
perfclearfiltermonitor     Clears counters of one or more filter-based 
                           performance monitors.
perfdeleemonitor           Delete end-to-end monitor
perfdelfiltermonitor       Delete filter-based monitor
perfhelp                   Print Performance Monitoring help info
perfmonitorclear           Clear end-to-end/filter-based/ISL monitors
perfmonitorshow            Show end-to-end/filter-based/ISL monitors
perfresourceshow           Show monitor availability
perfsetporteemask          Set overall mask for end-to-end monitors
perfshowalpacrc            Get ALPA CRC count by port and ALPA
perfshoweemonitor          Show user-defined end-to-end monitors
perfshowfiltermonitor      Show filter-based monitors
perfshowporteemask         Show the current end-to-end mask
perfttmon                  Configure bandwidth usage monitor
ping                       Display the link operating mode for a network 
ping6                      Display the link operating mode for a network 
pkicreate                  Creates public key infrastructure (PKI) objects
pkiremove                  Removes existing public key infrastructure (PKI) 
pkishow                    Displays existing public key infrastructure (PKI) 
policy                     Configure IPSec encryption and authentication 
portaddress                Configure low 16 bits of Fibre Channel Porrt ID
portalpashow               Show the ALPAs of a port
portbeacon                 Enable or disable port beacon
portbuffershow             Print the buffer allocations for the ports of a 
portcamshow                Display filter utilization
portcfg                    Create/Delete a new ip interface/route/arp entry on
                           the GigE port
portcfgalpa                Set AL_PA to 0x0 (default) or 0x13
portcfgautodisable         Configure auto disable
portcfgcreditrecovery      Configure credit recovery
portcfgdefault             Restore the port configuration to defaults
portcfgeport               Enable/Disable a port from becoming E_Port
portcfgexport              Sets a port to be an EX_Port and sets and displays 
                           EX_Port configuration parameters.
portcfgfillword            Configure a port to a particular fill word
portcfgfportbuffers        Configure F_Port buffers
portcfggemediatype         Configure media type for GigE port
portcfggport               Lock a port as a G_Port
portcfgislmode             Configure a port to be ISL R_RDY Mode 
portcfglongdistance        Configure a Long Distance Port
portcfglosstov             Configure frontend port signal debounce
portcfglport               Lock a port as a L_Port
portcfgnpivport            Configure NPIV functionality on a port.
portcfgnport               Enable/disable N_Port capability for a port
portcfgpersistentdisable   Persistently disable a port
portcfgpersistentenable    Enable a persistently disabled port
portcfgqos                 Configure QoS feature
portcfgshow                Displays port configuration settings.
portcfgspeed               Configure a port to a particular speed level
portcfgtrunkport           Configure a port for trunking
portcfgvexport             Sets a port to be an VEX_Port connected to FC-IP 
                           and sets and displays VEX_Port configuration 
portcmd                    Execute commands (ping etc) on the GigE port
portdebug                  Set debug level and verbosity level of port modules
portdisable                Disable a specified port
portenable                 Enable a specified port
porterrshow                Print port error summary
portfencing                Configure Fabric Watch port fencing feature
portflagsshow              Display the port status bitmaps of all ports in a 
portledtest                Cycle user port LEDs.
portlogclear               Clear port activity log
portlogconfigshow          Display portlog configuration
portlogdisable             Disable portlog facility
portlogdump                Print port log (no page breaks)
portlogdumpport            Print port log (no page breaks)
portlogenable              Enables port log facility
portlogeventshow           Display information about port log events
portloginshow              Display port login information
portlogpdisc               Set or clear the debug_pdisc_flag
portlogreset               Enable portlog facility
portlogresize              Resize the port log
portlogshow                Print port activity log
portlogshowport            Print port activity log
portlogtypedisable         Disable port logging
portlogtypeenable          Enable port logging
portloopbacktest           Functional test of port N->N path.
portmirror                 Set a port's configuration to be disabled or 
portname                   Assign or display the name associated with a port
portperfshow               Print port throughput numbers
portrouteshow              Display various routing tables for a port
portshow                   Show configured ip interfaces/routes/arp entries on
                           the GigE Port
portstats64show            Display the 64-bit hardware statistics for a port
portstatsclear             Clear the status of a specified switch port
portstatsshow              Print hardware statistics
portswap                   Swaps area numbers
portswapdisable            Disable portswap feature
portswapenable             Enable portswap feature
portswapshow               Display port and area information
porttest                   Functional test on a live fabric. Starts porttest.
porttestshow               Retreive information from porttest.
portthconfig               Configure Fabric Watch port threshold monitor
porttrunkarea              Configure area trunking
portzoneshow               Displays the enforced zone type of the F/FL-ports 
                           of a switch.
powerofflistset            sets slot power off list order
powerofflistshow           Displays slot power-off order.
psshow                     Print power supply status
reboot                     Reboot this processor
routehelp                  Print routing help info
saschiptest                Functional Test of Components in SAS Complex.
saspathtest                Data Path Test of the SAS complex.
secactivesize              Displays size of the active (security) database
secauthcertificate         Configure FCAP switch certificate properties
secauthsecret              Creates/Manages DHCHAP secret key details
seccertutil                Creates/Manages/Displays third party PKI 
secdefinesize              Displays size of the defined (security) database
secglobalshow              Displays current internal security state 
sechelp                    Displays information about security commands
secpolicyabort             Aborts changes to defined policy
secpolicyactivate          Activates all policy sets
secpolicyadd               Adds members to an existing policy
secpolicycreate            Creates a new policy
secpolicydelete            Deletes an existing policy
secpolicydump              Displays all members of existing policies
secpolicyfcsmove           Moves a member in the FCS policy
secpolicyremove            Removes members from an existing policy
secpolicysave              Saves defined policy set and sends to all switches
secpolicyshow              Shows members of one or more policies
secstatsreset              Resets security statistics
secstatsshow               Displays security statistics
sensorshow                 Display sensor readings
setdbg                     Set debug level of the specified module
setmodem                   Enables or disables modem login to a control 
                           processor (CP)
setverbose                 Set verbosity level of the specified module
sfpshow                    Print Serial ID SFP information
shellflowcontroldisable    Disable xon-xoff flow control on console serial 
shellflowcontrolenable     Enable xon-xoff flow control on console serial port
sleep                      Linux sleep command
slotpoweroff               Removes power from a slot.
slotpoweron                Restores power to a slot.
slotshow                   Displays the status of all slots in the system.
snmpconfig                 Configure SNMP
snmpmibcapset              Set options for configuring SNMP Mib/Trap 
snmpmibcapshow             Show SNMP Mib/Trap Configuration
snmptraps                  Configure SNMP traps
spinfab                    Functional test of switch to switch ISL cabling and
                           trunk group operation.
sshutil                    Configure SSH authentication options
statsclear                 Clear port and diagnostic statistics.
stopporttest               Terminate the running porttest.
supportffdc                Modifies or displays first-failure data capture 
                           (FFDC) configuration.
supportftp                 set support Ftp parameters
supportsave                retrieve support data from switch to host
supportshow                Prints switch information for debugging purposes.
supportshowcfgdisable      Disables a group of commands under supportshow 
supportshowcfgenable       Enables a group of commands under supportshow 
supportshowcfgshow         Displays the groups of commands enabled for 
                           display. by the supportshow command.
switchbeacon               Set switch beacon on or off
switchcfgpersistentdisable Persistently disable a switch
switchcfgpersistentenable  Enable a persistently disabled switch
switchcfgspeed             Configures all ports of the switch to a particular 
                           speed level
switchcfgtrunk             Configure all ports on the switch for trunking
switchdisable              Disable this switch
switchenable               Enable this switch
switchname                 Print/set this switch's name
switchshow                 Print switch and port status
switchstatuspolicyset      Set policy parameters for overall switch status
switchstatuspolicyshow     Print policy parameters for overall switch status
switchstatusshow           Print overall switch status
switchuptime               Display the amount of time for which the switch is 
switchviolation            Display policy violations recorded in RAS log
syslogdfacility            Change the syslog facility
syslogdipadd               Add syslog daemon IP address
syslogdipremove            Remove syslog daemon IP address
syslogdipshow              Print the syslog daemon targets
sysmonitor                 Configure system memory usage monitor
sysshutdown                Provides a graceful shutdown to protect the switch 
                           file systems.
tempshow                   Print temperature readings
thconfig                   Configure Fabric Watch thresholds
timeout                    Set/show the IDLE timeout value for a login session
top                        Linux top command
topologyshow               Display the unicast fabric topology
tracedump                  generate/remove trace dump or display trace dump 
trackchangeshelp           Print Track Changes help info
trackchangesset            Configure alert for login/logout/config update
trackchangesshow           Displays status of track changes
trunkdebug                 Debug a trunk link failure
trunkshow                  Display trunking information
tsclockserver              Displays or sets the NTP server address
tstimezone                 Displays or sets the time zone
turboramtest               Turbo SRAM test for bloom ASICs.
uptime                     Print how long switch has been up
urouteconfig               Configure a static route
urouteremove               Remove a static route
urouteshow                 Display unicast routing information
usbstorage                 Manage USB storage device (available on Brocade 
                           Data Center Director only).
userconfig                 Display or configure user accounts
userrename                 Rename user login name
version                    Print firmware version
wwn                        Display or set the world wide name
wwnaddress                 Configure persistent PID assignments
zone                       Configure zone objects
zoneadd                    Add a member to a zone
zonecreate                 Create a zone
zonedelete                 Delete a zone
zonehelp                   Print zoning help info
zoneobjectcopy             Copies a zone object
zoneobjectexpunge          Expunges a zone object
zoneobjectrename           Rename a zoning Object
zoneremove                 Remove a member from a zone
zoneshow                   Print zone information

TEST1BRO1:FID128:admin> cfgshow
Defined configuration:
 cfg:   Testoffice
                backup; clunn1; clunn2; esx5; esx6; exch_backup; exch_phy_1; 
                exch_phy_2; exch_xen1; exch_xen2; os7015t3P1; test1xenfe2p1_p1; 
                test1xenfe2p2_p1; test1xenfe2p3_p1; test1xenfe2p4_p1; 
                test1xenfe2p5_p1; test1xenvmpp2; vtcxmarkham_05; vtcxmarkham_07
 zone:  backup  1,22; 1,23; ibmtapedrive2; netapp_a_p2; netapp_b_p2; 
 zone:  clunn1  1,22; 1,23; clun1; netapp_a_p2; netapp_b_p2
 zone:  clunn2  1,22; 1,23; clun2; netapp_a_p2; netapp_b_p2
 zone:  esx5    1,22; 1,23; esx5_p2; netapp_a_p2; netapp_b_p2
 zone:  esx6    1,27; 1,31; esx6_p2; netapp_a_p2; netapp_b_p2
 zone:  exch_backup
                1,12; 1,15; 1,21; 1,25; 1,27; 1,31; netapp_b_p2
 zone:  exch_phy_1
                1,14; 1,15; 1,25
 zone:  exch_phy_2
                1,15; 1,20; 1,25
 zone:  exch_xen1
                1,15; 1,24; 1,25
 zone:  exch_xen2
                1,15; 1,25; 1,26
 zone:  os7015t3P1
                1,27; 1,31; netapp_a_p2; netapp_b_p2; os7015t3
 zone:  test1xenfe2p1_p1
                1,22; 1,23; netapp_a_p2; netapp_b_p2; test1xenfe2p1
 zone:  test1xenfe2p2_p1
                1,22; 1,23; netapp_a_p2; netapp_b_p2; test1xenfe2p2
 zone:  test1xenfe2p3_p1
                1,27; 1,31; netapp_a_p2; netapp_b_p2; test1xenfe2p3
 zone:  test1xenfe2p4_p1
                1,22; 1,23; netapp_a_p2; netapp_b_p2; test1xenfe2p4
 zone:  test1xenfe2p5_p1
                1,22; 1,23; netapp_a_p2; netapp_b_p2; test1xenfe2p5
 zone:  test1xenvmpp2
                1,15; 1,22; 1,23; 1,25; netapp_a_p2; netapp_b_p2; 
                netbackupold; test1xenvmp
 zone:  vtcxmarkham_05
                1,27; 1,31; netapp_a_p2; netapp_b_p2; vtcxmarkham05
 zone:  vtcxmarkham_07
                1,17; 1,27; 1,31; netapp_a_p2; netapp_b_p2
 alias: clun1   1,10
 alias: clun2   1,11
 alias: esx5_p2 1,19
 alias: esx6_p2 1,18
 alias: ibmtapedrive2
 alias: netapp_a_p2
 alias: netapp_b_p2
 alias: netbackupold
 alias: os7015t3
 alias: test1bkpoffp
 alias: test1xenfe2p1
 alias: test1xenfe2p2
 alias: test1xenfe2p3
 alias: test1xenfe2p4
 alias: test1xenfe2p5
 alias: test1xenvmp
 alias: vtcxmarkham05
 alias: vtcxmarkham07

Effective configuration:
 cfg:   Testoffice
 zone:  backup  1,22
 zone:  clunn1  1,22
 zone:  clunn2  1,22
 zone:  esx5    1,22
 zone:  esx6    1,27
 zone:  exch_backup
 zone:  exch_phy_1
 zone:  exch_phy_2
 zone:  exch_xen1
 zone:  exch_xen2
 zone:  os7015t3P1
 zone:  test1xenfe2p1_p1
 zone:  test1xenfe2p2_p1
 zone:  test1xenfe2p3_p1
 zone:  test1xenfe2p4_p1
 zone:  test1xenfe2p5_p1
 zone:  test1xenvmpp2
 zone:  vtcxmarkham_05
 zone:  vtcxmarkham_07

TEST1BRO1:FID128:admin> thconfig
Fabric Watch is not licensed.
TEST1BRO1:FID128:admin> switchshow
switchName:     TEST1BRO1
switchType:     66.1
switchState:    Online   
switchMode:     Native
switchRole:     Principal
switchDomain:   1
switchId:       fffc01
switchWwn:      10:00:00:05:33:7d:b2:b0
zoning:         ON (Testoffice)
switchBeacon:   OFF
FC Router:      OFF
Allow XISL Use: OFF
LS Attributes:  [FID: 128, Base Switch: No, Default Switch: Yes, Address Mode 0]

Index Port Address Media Speed State     Proto
  0   0   010000   id    N8   Online      FC  F-Port  21:00:00:24:ff:25:34:61 
  1   1   010100   id    N8   Online      FC  L-Port  1 public
  2   2   010200   id    N8   No_Light    FC  
  3   3   010300   id    N8   Online      FC  F-Port  21:00:00:24:ff:25:33:fe 
  4   4   010400   id    N8   Online      FC  F-Port  50:01:43:80:24:29:6b:90 
  5   5   010500   id    N8   Online      FC  F-Port  50:01:43:80:24:29:5d:10 
  6   6   010600   id    N8   Online      FC  F-Port  50:01:43:80:24:29:60:44 
  7   7   010700   id    N8   No_Light    FC  
  8   8   010800   id    N8   No_Light    FC  
  9   9   010900   id    N4   Online      FC  F-Port  21:01:00:1b:32:b7:c7:f4 
 10  10   010a00   id    N8   Online      FC  F-Port  50:01:43:80:24:29:5e:be 
 11  11   010b00   id    N8   Online      FC  F-Port  50:01:43:80:24:29:60:ee 
 12  12   010c00   id    N8   Online      FC  F-Port  10:00:00:90:fa:cb:b7:f7 
 13  13   010d00   --    N8   No_Module   FC  
 14  14   010e00   id    N8   Online      FC  F-Port  10:00:00:90:fa:cb:c2:10 
 15  15   010f00   id    N8   Online      FC  F-Port  1 N Port + 3 NPIV public 
 16  16   011000   id    N8   Online      FC  F-Port  50:01:43:80:24:29:5e:74 
 17  17   011100   id    N8   Online      FC  F-Port  50:01:43:80:24:29:61:30 
 18  18   011200   id    N8   Online      FC  F-Port  21:00:00:24:ff:32:6c:c5 
 19  19   011300   id    N8   Online      FC  F-Port  21:00:00:24:ff:25:33:5a 
 20  20   011400   id    N8   Online      FC  F-Port  10:00:00:90:fa:cb:c2:5e 
 21  21   011500   id    N8   Online      FC  L-Port  1 public
 22  22   011600   id    N8   Online      FC  F-Port  1 N Port + 2 NPIV public 
 23  23   011700   id    N8   Online      FC  F-Port  1 N Port + 2 NPIV public 
 24  24   011800   id    N8   Online      FC  F-Port  10:00:00:90:fa:cb:b7:de 
 25  25   011900   id    N8   Online      FC  F-Port  1 N Port + 3 NPIV public 
 26  26   011a00   id    N8   Online      FC  F-Port  10:00:00:90:fa:cb:df:5f 
 27  27   011b00   id    N8   Online      FC  F-Port  1 N Port + 2 NPIV public 
 28  28   011c00   id    N8   Online      FC  F-Port  50:01:43:80:28:cf:97:9e 
 29  29   011d00   id    N8   Online      FC  F-Port  50:01:43:80:33:16:c2:2c 
 30  30   011e00   id    N8   No_Light    FC  
 31  31   011f00   id    N8   Online      FC  F-Port  1 N Port + 2 NPIV public 
 32  32   012000   --    N8   No_Module   FC  (No POD License) Disabled
 33  33   012100   --    N8   No_Module   FC  (No POD License) Disabled
 34  34   012200   --    N8   No_Module   FC  (No POD License) Disabled
 35  35   012300   --    N8   No_Module   FC  (No POD License) Disabled
 36  36   012400   --    N8   No_Module   FC  (No POD License) Disabled
 37  37   012500   --    N8   No_Module   FC  (No POD License) Disabled
 38  38   012600   --    N8   No_Module   FC  (No POD License) Disabled
 39  39   012700   --    N8   No_Module   FC  (No POD License) Disabled

TEST1BRO1:FID128:admin> switchname

2. Through Web Tools in Firefox

It cost me two hours to find out a solution for v6.4.1b Web Tools working in my browsers. Here is what I experienced. I was using latest Java 1.8 and quickly found it does not work properly. Based on  Internet search results, 1.7 or 1.6 suppose to work. Quickly installed both and enabled 1.6 / 1.7 , but it seems only 1.7 works with special tuning.
Java Runtime Environment Settings

It needs special url, not default http://<Brocade SW ip address>. It has to be http://<Brocade SW IP Address>/switchExplorer_installed.html. If you are using wrong url, you will always be directed to Java download site. 

Even with 1.7 and with this special url, I still experienced famous "Failed to validate certificate" error. I tried to disable certificate verification, low down Java security level to medium. 

But still same. It downloaded application, but failed to launch it because certificate could not be verified.

Failed validate certificate

More information on Failed to validate certificate error

Eventually I found another small tuning on file located in your windows machine's c:/program files/Java/JRE installed directory (jre/lib/security/

searching for this line:

jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024

Then change 1024 to 256 and save.

Finanlly got it working.
Brocade Web Tools Verifying Application Window

Brocade Switch Login Window

Initializing Brocade Web Tools

Finally, Brocade Web Tools Interface shows up. 
Brocade Web Tools Interface

No comments:

Post a Comment