3

We just purchased a Cisco/Linksys SRW 248G4 switch to try it out. We have always had unmanaged switches before, and this is our first "somewhat managed" switch.

So far the major limitations are:

  • Only Internet Explorer 6 (manual says IE 5.5!) works for the web interface
  • SSH exists but is not practically useable because the only key length that is supported is no longer even used by most modern SSH installs. (I get the error "RSA modulus too small" in openssh 4.x/5.x)

This is with the latest firmware revision, I believe, although Cisco's website does not actually tell you what version you're downloading. All in all, I think, they must be trying to tell me that if I want a good-quality switch, I shouldn't buy these SRWs and should buy a Dell or an HP ProCurve, or save up my pennies, and buy a Catalyst.

The question here, then, at long last:

  • Has anyone gotten the web-browser to work via some IE 7 or IE 8 compatibility mode settings or used another browser (Opera? KDE/Safari/WebKit?) and spoofed IE6?

  • Is there any way to get the SSH key length upgraded? I'm guessing a 0% chance of a yes on that last one.

I found an XP machine, used telnet (via PuttyTel.exe) and IE6 to set this up, and I doubt we'll have to touch it again. Which is fine with us. But it would be nice if I could administer this thing from either (a) a linux box, or (b) my primary desktop which is windows 7. It looks like XPMode with IE6 on the virtual XP machine may be my only way to administer this type of switch via the web.

[EDIT: I should add, that the only google-hit for workarounds, is for an IE6 plugin-tab for Firefox, which doesn't work with the latest FireFox 3.6.3: https://addons.mozilla.org/en-US/firefox/addon/1419 ]

Warren P
  • 1,195
  • 7
  • 20
  • 35

2 Answers2

1

There is a plug-in for firefox called user agent switcher that will allow you spoof the browser as IE 6. The USER-AGENT is specified in the http header and that is how web servers or software libraries can identify the browser of the client.

My personal recommendation is that if you can afford it, when you buy a managed switch from Cisco get a catalyst switch. These are the real switches and 24 port entry level ones will run you around ~500 new. Not cheaping out on network equipment is wise since its failure in most set ups will bring everything down in my opinion.

Kyle Brandt
  • 82,107
  • 71
  • 302
  • 444
0

That line of switches is cheap, but, has very good performance for the dollar. We use IE8 and turn on Compatibility mode and are able to manage them. The benefit is that you can set 90% of what you need through the command line and the rest of it you need to set up once. I believe SNMP, Span Ports, VLAN, LACP trunking all require the web interface, but, those are usually configured once. We actually use remote desktop from machines to a headless Windows machine when we need to admin these.

Key length upgraded, no. I believe they would have to specify two different firmwares to get the longer key excluded from being exported to ITAR countries. I've not run into the modulus too small issue, but, if you ssh in, you can look at the versions and there is a page that shows the version before downloading on Cisco's site once you've created a CCO login. I've not done it in a while, but, I do recall it listing the versions on a separate download page AFTER you agree to the license and then click the button that says 'Download Manually'.

As an added feature, you can set the default gateway to 0.0.0.0 so that the switch isn't able to route out of your network.

  • They are truly a good dollar value, it's just a shame the firmware is so old and the Web UI so glitchy. – Warren P Apr 19 '10 at 13:56