Aruba MAS series SFP+ & POE+ switches sub-$100

[AndyO]

@AndyO Where is your DHCP server, the ASUS router? And my money is on your spanning tree blocking ports when it's connected to the switch. Do a

show spanning-tree detail

on the command line to see if it's blocking the port. That caught me when I was hooking it up and couldn't access the network when it was connected to another switch upstream.

edit: AVM60 here I am thinking of an X4500 to replace my X2300!

So - this is kind of strange... I was down at the switch, stepping through the menus on the front panel and I forgot to engage brain before activating fingers - I inadvertently hit "Factory Reset". So - back to the Quick GUI setup - it gave me an error when I tried not to have any upstream ports, but I pressed on. Since I had my PC rewired to connect to the switch directly (sure glad I pulled 5 runs of CAT6 when we built the house) I figured I'd leave it there and see if everything worked. Somehow it does. WTF?

Just to be safe, below is the output of "show spanning-tree detail". I do have to say that even though I was a technical "guru" at Digital, back when we invented bridges, routers, spanning-tree, 10BaseT, etc., and product managed network hardware/software through about 2000, this is all unintelligible to me. So, thanks for the help!

(ArubaS2500-24P-US) #show spanning-tree detail

MST 0

vlans mapped         : 1-4094
Configuration Digest : 0xAC36177F50283CD4B83821D8AB26DE62

Root ID            Address: 98f7.d741.bb25,  Priority: 28672
Regional Root ID   Address: 000b.8685.1400,  Priority: 32768
Bridge ID          Address: 000b.8685.1400,  Priority: 32768
External root path cost 20000, Internal root path cost 0
Last TC received on intf GE0/0/0, on 2019-04-30 04:04:13 (EDT)

Interface  Role  State  Port Id  Cost    Type
---------  ----  -----  -------  ----    ----
GE0/0/0    Root  FWD    128.1    20000   P2p Bound
GE0/0/1    Desg  FWD    128.2    20000   P2p
GE0/0/3    Desg  FWD    128.4    200000  P2p
GE0/0/6    Desg  FWD    128.7    200000  P2p
GE0/0/9    Desg  FWD    128.10   20000   P2p
GE0/1/0    Desg  FWD    128.129  2000    P2p

 

[kiteboarder]

Does anyone know if it's possible to manually set the fans speed? I'm running mine in a garage and would like to be able to set all fans to max RPM at all times.

Thanks!

 

[AndyO]

Does anyone know if it's possible to manually set the fans speed? I'm running mine in a garage and would like to be able to set all fans to max RPM at all times.

Thanks!

I can't help you with that although there are some commands about fans (see the user and cli guides). I can say that with about 10 of 24 twisted pair and 2 of 4 SFP+ ports in use mine runs just fine with the default fan settings.

 

[Samir]

Does anyone know if it's possible to manually set the fans speed? I'm running mine in a garage and would like to be able to set all fans to max RPM at all times.

Thanks!

I'm not sure about these fans in particular, but most 3/4 pin pwm fans have a single wire that allows the pwm function to work. I use a small screwdriver or pen to push down on the terminal on the connector so I can remove the lead from the connector. Then I tape up that lead so that it doesn't contact anything else and plug the connector back in and the fan stays floored since it's getting no pwm signal even if the device is sending a pwm signal.

 

[AndyO]

I'm not sure about these fans in particular, but most 3/4 pin pwm fans have a single wire that allows the pwm function to work. I use a small screwdriver or pen to push down on the terminal on the connector so I can remove the lead from the connector. Then I tape up that lead so that it doesn't contact anything else and plug the connector back in and the fan stays floored since it's getting no pwm signal even if the device is sending a pwm signal.

Or, you could just snip that wire and wrap the end with electrical tape and not have to take the plug apart...

 

[kiteboarder]

Hi guys, thanks for the suggestions thus far.

I have read through all the documentation and unfortunately haven't found any CLI commands to manually set fan speed.

I'm running about 20 PoE devices and a handful of non PoE on a 48 port 2500. The bottom of the unit is hot enough that you don't want to leave your hand on it for long. But it's working just fine... Just thought I would ramp up the fans if possible.

Thanks again.

 

[hlidskialf]

I've got mine configured and can access via my browser. However, I can't get a ssh session to start in order to CLI the stacking ports into regular.
Any tips? Attempts to ssh in as either root or admin give me:

Unable to negotiate with 192.168.88.250 port 22: no matching cipher found. Their offer: aes128-cbc,aes256-cbc

Any ideas would be appreciated.

 

[mimino]

I've got mine configured and can access via my browser. However, I can't get a ssh session to start in order to CLI the stacking ports into regular.
Any tips? Attempts to ssh in as either root or admin give me:

Unable to negotiate with 192.168.88.250 port 22: no matching cipher found. Their offer: aes128-cbc,aes256-cbc

Any ideas would be appreciated.

Make sure your ssh client can use either
aes128-cbc or aes256-cbc cipher? Seems like the server is offering either but it's the client that is unable to negotiate.

 

[hlidskialf]

Alright, that's a little above my head. I'm trying to connect from an Arch install and had ssh installed ages ago when I set it up. I'll do some snooping and see what sense I can make of that.
Cheers!

 

[Dave Corder]

I've got mine configured and can access via my browser. However, I can't get a ssh session to start in order to CLI the stacking ports into regular.
Any tips? Attempts to ssh in as either root or admin give me:

Unable to negotiate with 192.168.88.250 port 22: no matching cipher found. Their offer: aes128-cbc,aes256-cbc

Any ideas would be appreciated.

ssh error: unable to negotiate with IP: no matching cipher found

Try:

ssh -c aes128-cbc admin@192.168.88.250

 

[hlidskialf]

Got it. (Easy fix btw.)
I'm running openssh and while acsxxx ciphers are recognized, they are not enabled by default. You need to edit the /etc/ssh/ssh_config and uncomment out the line allowing those ciphers.
Thanks so much! (I swear the more I learn the more networking intimidates me.)

 

[cheezehead]

Got it. (Easy fix btw.)
I'm running openssh and while acsxxx ciphers are recognized, they are not enabled by default. You need to edit the /etc/ssh/ssh_config and uncomment out the line allowing those ciphers.
Thanks so much! (I swear the more I learn the more networking intimidates me.)

Also make sure to update the firmware if you haven't already. I've seen some cipher availability change with the newer code.

 

[hlidskialf]

Also make sure to update the firmware if you haven't already. I've seen some cipher availability change with the newer code.

Oh, I had. The rest of it went smoothly thanks to this thread here and the vid by ViciousXUSMC.

I'm moving over from using a Mikrotik CRS326, and the flavour of the Aruba is delightful. I've been a long time Mikrotik fan, and still use one of their routers, but compared to the Aruba they just feel... 3/4 finished. It's not my first piece of enterprise equipment, but it's the one where it's been the most apparent.

Now to re-search the thread and find a couple working DACs. The ones I have don't work, but at least my workstation connects just fine with fiber.

 

[Markess]

I'm finally getting around to replacing my janky direct connected 10G setup for my home office/lab/money sink and notice that the S2500 on eBay seems to have gone up about 50% from what they were in the OP.

There's someone local with an S3500, 24T with single PSU & 10G module, for $75 (less than the OP's price for them) and I was wondering if anyone had any experience with those? The seller doesn't know anything about them other than it worked when it was pulled.

Seems like the S2500 didn't require extra licensing or subscriptions, is the S3500 similar? I'd want to delete the stacking of the 10G ports as others have done here with the S2500 for example. And, does any one know if the power draw on the S3500 with single PSU is comparable to the S2500?

My overly complex home network cabling thanks you for any insights

 

[cheezehead]

I'm finally getting around to replacing my janky direct connected 10G setup for my home office/lab/money sink and notice that the S2500 on eBay seems to have gone up about 50% from what they were in the OP.

There's someone local with an S3500, 24T with single PSU & 10G module, for $75 (less than the OP's price for them) and I was wondering if anyone had any experience with those? The seller doesn't know anything about them other than it worked when it was pulled.

Seems like the S2500 didn't require extra licensing or subscriptions, is the S3500 similar? I'd want to delete the stacking of the 10G ports as others have done here with the S2500 for example. And, does any one know if the power draw on the S3500 with single PSU is comparable to the S2500?

My overly complex home network cabling thanks you for any insights

There's no extra licensing/subscription on the switch itself, if you want the 802.1x radius vlan assignment functionality (aka colorless ports) then like the S2500 you'd need the clearpass licensing..

3500-24T over the 2500-24T
5" deeper
4-5lb heavier
5db louder per spec...but once fan control kicks I'm not sure
Dual-PSU capable and hot-swappable. Note: there are two sizes, i'm assuming it's coming with the smaller 350w vs the larger 600w typically on the POE variant.
The 350w PSU is larger than the 150w on the 2500-24T but smaller than the 580w on the 2500-24P, I would assume power draw would be somewhere in the middle.
If it were the POE variant, the POE budget would allow for 24-ports of POE+ as well.

The 3500's costed a bit more and were more than what most of us were looking for which is why the focus was originally on the 2500's, functionally it should be very similar to what others of have seen on the 2500's.

 

[Markess]

5db louder per spec...but once fan control kicks I'm not sure

That might be the deal breaker! To maintain Spousal Approval, all my equipment is located in my "home office", a large room that my two teens have their computers in as well. They already complain about the noise, even though I've worked hard to make everything pretty quiet. The daisychained adapters in all my boxes may be amateur hour, but they're silent. So, I may just need to keep them for a while longer.

 

[cheezehead]

That might be the deal breaker! To maintain Spousal Approval, all my equipment is located in my "home office", a large room that my two teens have their computers in as well. They already complain about the noise, even though I've worked hard to make everything pretty quiet. The daisychained adapters in all my boxes may be amateur hour, but they're silent. So, I may just need to keep them for a while longer.

Or could fan mod them....look back through this thread, some have replaced fans to make them quieter.

 

[kiteboarder]

I replaced the four fans with these:
Evercool 40x40x20mm PWM Ball Bearing Fan 12V-EC4020SH12BP

On my 48P model, it's now nearly silent, but it does run quite warm / borderline hot to the touch. Best if you can have air space above and below to prevent heat transfer to neighboring devices.

 

[Markess]

I replaced the four fans with these:
Evercool 40x40x20mm PWM Ball Bearing Fan 12V-EC4020SH12BP

On my 48P model, it's now nearly silent, but it does run quite warm / borderline hot to the touch. Best if you can have air space above and below to prevent heat transfer to neighboring devices.

Thanks for the tip. I wound up going for one of the S3500-24T & a 10G module that @cheezehead wrote up in another post. I'll probably only use the 10G and one of the 1Gb, so hopefully it won't warm up too much if I decide to replace the fans.

 

[Markess]

Later on I am going to disable unused ports and see if I get savings

Has anyone tried this? I thought to try this myself, but can't seem to find the correct command. I've got 20 unused Gigabit ports on my S3500-24T and am curious if disabling them reduces the power draw.