Web application for managing Cisco switches via SSH
- assign description, VLAN and VoIP-capability to a switchport
- trunk ports are hidden by default to avoid accidentally changes on those ports
- webserver connects to switches via SSH
- create maps with the position of your switches
- overview over the usage of your switch using the port matrix or port list
- mac address search
- bulk password change for one user account on all switches
- optimized for mobile devices
- dark mode!!
- Server
- Linux-based operating system (Debian/Ubuntu recommended)
- Apache2 webserver
- PHP 7 or 8 with
php-ssh2package
- Client
- Chromium-based browser or Firefox
- JavaScript enabled
- Install packages (example for Debian):
apt install apache2 php php-ssh2 - Copy all files into your webserver directory
- Make sure
AllowOverride Allis set in your Apache config for the webserver directory, in order to deny access to the "maps" directory for non-authenticated users (see.htaccessfile in this directory). - Create/Edit the config file
config.php(please refer to the explanation and example in the fileconfig.php.example)- add the vlans you need to the array VISIBLE_VLAN
- add the switches you want to manage to the array SWITCHES (at least one)
- (optional) set the VOICE_VLAN (integer)
- (optional) enable the password change feature
- (optional) create maps using the array MAPS
- Open
index.phpin your browser, log in with an SSH account on your switch and your LDAP account if configured.
Docker is currently used/recommended for development/testing purposes only.
Create your config file config.php as described above, the execute:
docker compose down
docker compose build --no-cache
docker compose up
- Please only use HTTPS (except you are accessing the site only via localhost). Redirect all HTTP requests to HTTPS.
- Keep your server always up to date.
- Limit the access (via Apache config) to IP addresses that really need it.
- Do not make this webapp available on the internet (to avoid brute force attacks) - configure your Apache and/or firewall to only serve this page inside your internal network.
- LDAP Authentication: You can configure your switches to ask a RADIUS server (which can for example authenticate against an LDAP/AD server) for authenticating the SSH connections.
This application parses the SSH response from your switch. Therefore, your switch has to produce output in a specific format as shown in docs/Example-SSH-Output.txt in order to be compatible with this application. Please check if your switch supports the necessary commands (and syntax) in the example file and if it produces similar output.
To apply a custom (corporate) design, you can create a file css/custom.css which will be included in the HTML head automatically. With this, you can e.g. easily change the logo: #logo { background-image: url('mylogo.png') }.
I'm interested if your switch model is compatible (or not) with this application. Please let me know on Github (make an Issue) or via email. Thanks!
- SVG-Loader by SamHerbert, MIT License
https://github.com/SamHerbert/SVG-Loaders - Material Icons, Apache License 2.0
https://material.io/tools/icons - Switch & Key Icons from draw.io
https://draw.io
GPL v3, see LICENSE.txt