Access-list in Cisco 3560 Series Switch

Guys,
I will be implementing access-lists in a 3560 switch. Hope you can help me with the configuration. I'm planning to block all ports by default and only allow the ports that the user needs to access. The ports will be as follows: tcp - 80, 81, 8080, 25, 110, 143. For udp - 23 and the port used by the IP Phone.
Hope you can help me guys.
Thanks,
John

and then don't forget to call this access-list on the interface or VLAN you want to apply it to.
You can use a number for the ACL > 100 or a name as indicated earlier.
If you go with just a number:
access-list 100 permit tcp any any eq 80 81 ...
access-list 100 permit udp any any eq 23
int g1/0/1
ip access-group NAME in
OR
ip access-group 100 in
For example:
NMS-3750-A(config-if)#ip acc
NMS-3750-A(config-if)#ip access-group ?
<1-199> IP access list (standard or extended)
<1300-2699> IP expanded access list (standard or extended)
WORD Access-list name

Similar Messages

  • What's the password to logon the 3560 series switch on express setup

    what's the password to logon the 3560 series switch on express setup

    Hi Samuel,
    The 3560 doesn't have a password configured on it by default. You may want to double check the procedure for accessing Express Setup in case a step was missed:
    http://www.cisco.com/en/US/partner/docs/switches/lan/catalyst3560/hardware/quick/guide/3560gsg_08.html#wp49930
    If that still doesn't work, you can reset the switch to factory defaults by following this guide:
    http://www.cisco.com/en/US/partner/docs/switches/lan/catalyst3560/hardware/quick/guide/3560gsg_08.html#wp46478
    Hope that helps.
    -Mike

  • Cisco 500 series switches

    Dear support,
    Can Cisco 500 series switches deliver 24V on the access port for POE operation?
    Best Regards

    I believe the 802.3af and 802.3at PoE standards are strictly 48V. I haven't found anything to the contrary. There are inline converters 48V-24V or something like this that can be used with a non-PoE switch: http://www.digital-loggers.com/poe24.html but that means all connected devices would be off the same access port / VLAN.

  • Cisco MDS series switch details

    Hello, I'm new to the Cisco switch world.
    I'm working as a Clariion Admin and have taken up the responsibility to manage switches. Since I am a novice, I need a little guidance on how to work on Cisco switches. I know the zoning part (how zoning is done on MDS 9000 series switches), but would like to venture deep into the details of Cisco MDS series switches.
    Like the use of port channels etc.
    I will really appreciate it if someone can help me with a link or place (not the configuration guide) where I can find details concentrated more on the theory part.
    Thanks in advance!

    Actually the best info is in the configuration guides. There are some external companies that run training sessions on the MDS to provide in-depth training. There is the MDS cookbook available on CCO that is also a good point of information. If you search on 'MDS white papers' after you log in to Cisco.com, there are several good documents that might meet your needs.
    Hope this helps,
    Mike

  • Cisco 4500 series switch

    Dear support team, in a Cisco 4500 series switch I am getting the error: interface TenGigabitEthernet 1/14 utilization threshold violated. Current in traffic 705.228 (70.52 %) and out traffic 707.462 (70.75 %) whereas the configured threshold is 30 %.
    I have checked on the switch but QoS is there in the configuration.
    Where do I need to check if any restriction is there for incoming and outgoing traffic,
    and what necessary troubleshooting do I need to do?

    This looks like a policy shaping.

  • Cisco 4003 series switch

    Hi all.
    In a Cisco 4003 series switch I'm getting an error in the POST test; it says rtc failed, and after that the supervisor engine WS-X4012 LED status is red. Can anyone tell me what that means and how to solve that problem?

    Please find the POST test script...
    003-B-Ground> (enable) 0:00.523556: Please set IPAddr variable
    0:00.524147: Please set Netmask variable
    0:00.524511: Please set Broadcast variable
    0:00.525113: Please set TftpServer variable to do tftp downloads
    0:00.525658: Network is not configured
    WS-X4012 bootrom version 5.4(1), built on 2000.02.17 18:28:09
    H/W Revisions: Meteor: 4 Comet: 8 Board: 2
    Supervisor MAC addresses: 00:02:16:d2:5a:00 through 00:02:16:d2:5d:ff (1024 addresses)
    Installed memory: 64 MB
    Testing LEDs.... done!
    The system will autoboot in 5 seconds.
    Type control-C to prevent autobooting.
    rommon 1 >
    The system will now begin autobooting.
    Autobooting image: "bootflash:cat4000.5-4-2.bin"
    CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
    CCCCCCCCCCCCCCCCCCCCCCCCCCC#############################
    Starting Off-line Diagnostics
    Mapping in TempFs
    Board type is WS-X4012
    DiagBootMode value is "post"
    Telling ApkPageMan that we have 12288 pages of memory
    Loading diagnostics...
    Power-on-self-test for Module 1: WS-X4012
    Status: (. = Pass, F = Fail)
    processor: . cpu sdram: . rtc: F
    eprom: . nvram: . flash: .
    temperature sensor: . enet console port: . switch port 0: .
    switch port 1: . switch port 2: . switch port 3: .
    switch port 4: . switch port 5: . switch port 6: .
    switch port 7: . switch port 8: . switch port 9: .
    switch port 10: . switch port 11: . switch registers: .
    switch sram: .
    Module 1 Failed
    Power-on-self-test for Module 2: not present
    Port status: (. = Pass, F = Fail)
    Module 2 Ignored
    Power-on-self-test for Module 3: not present
    Port status: (. = Pass, F = Fail)
    Module 3 Ignored
    Exiting Off-line Diagnostics
    Failed Module Bringup Process
    Use 'show test 1' to see results of tests.
    Cisco Systems, Inc. Console

  • Cisco 300 series switches with 802.3at standard

    I'm a bit confused as to which of the 300 series switches supports the 802.3at standard. According to the website, the SG300-28P supports it. But in the quick start guide for the 300 series, only the MP models (excluding the SF302-08MP and SG300-10MP) including the SG300-52P have it. Can someone give me a definitive answer to this? Thanks!

    LJ,
    P    = PoE capable. On the 300 series, half of the ports can provide 15.4W, or all can provide half that.
    PoE+ is NOT SUPPORTED.
    MP = Maximum Power. This means that all ports can provide up to 15.4W. PoE+ is supported on some models only.
    PP = PoE Plus. Can provide up to 30W on a single port. Note the maximum PoE budget for each switch. Also,
    half of the ports can provide 15.4W, or all can provide half that - any extra power used by PoE+
    MPP = Maximum Power and PoE Plus. This means that all ports can provide up to 15.4W - any extra power used by PoE+
    According to the Data Sheet:
    "Switches support 802.3at PoE+, 802.3af, and Cisco pre-standard (legacy) PoE. Maximum power of 30.0W to any 10/100 or Gigabit Ethernet port for PoE+ supported devices and 15.4W for PoE supported devices, until the PoE budget for the switch is reached"
    The PoE+ models are brand new and are not widely available yet. I did a web search for SG300-28PP and found that at least a few online resellers have it in stock.
    - Marty
    Message was edited by: Martin Pyhala

  • SFE2000 IP Access List is locking up the switch

    Hi, I'm using brand new 1 X SFE2000, 1 X RV082 as router and 2 X WAP2000 with Linksys power injectors in my network. I would like to have 3 VLANs. The first one would be a management VLAN, the second an admin VLAN and the last one a customer VLAN. Management would be used for the computer tech to manage the equipment. The admin VLAN would be used for all the employees; the AD Win2k8 server will be on this VLAN too. The customer VLAN would be used only to get to the internet. VLAN 1 would speak to 2 and 3, but 2 and 3 would not speak to each other. I will relay the AD DHCP server on the 3 VLANs. The switch is on layer 3 protocol.
    Here is my problem: as soon as I activate the IP access list, the switch is locking up and the only way I can get it to work is to go back to a previous saved config without the IP access list activated. I'm activating the IP access list with all access to any VLAN... and still the same problem... The MAC access list is working perfectly.
    I'm having the latest firmware...
    Any advice would be welcome!
    Thanks a lot!

    I did not change my native/management VLAN. This is not supported. My default gateway is 192.168.11.253. My VLAN 1 is 192.168.11.0/24, VLAN 2 is 192.168.12.254, VLAN 3 is 192.168.3.254. Configured interfaces are e2-5. Do NOT attempt to use ANY/protocol type 255 on the interface. ACL/ACEs are as follows:
    permit ip 192.168.3.0 0.0.0.255 192.168.11.253 0.0.0.0
    permit ip 192.168.11.0 0.0.0.255 any
    permit ip 192.168.2.0 0.0.0.255 192.168.11.0 0.0.0.255
    Or the whole config (default login; also attached):
    interface range ethernet e(2-4)
    switchport mode access
    exit
    vlan database
    vlan 1-3
    exit
    interface ethernet e2
    switchport access vlan 1
    exit
    interface ethernet e5
    switchport trunk native vlan 1
    exit
    interface ethernet e3
    switchport access vlan 2
    exit
    interface ethernet e5
    switchport trunk allowed vlan add 2
    exit
    interface ethernet e4
    switchport access vlan 3
    exit
    interface ethernet e5
    switchport trunk allowed vlan add 3
    exit
    interface vlan 1
    ip address 192.168.11.254 255.255.255.0
    exit
    interface vlan 2
    ip address 192.168.12.254 255.255.255.0
    exit
    interface vlan 3
    ip address 192.168.3.254 255.255.255.0
    exit
    interface vlan 100
    ip address 192.168.1.254 255.255.255.0
    exit
    ip route 0.0.0.0 0.0.0.0 192.168.11.253
    ip access-list ACL1
    permit ip 192.168.3.0 0.0.0.255 192.168.11.253 0.0.0.0
    permit ip 192.168.11.0 0.0.0.255 any
    permit ip 192.168.2.0 0.0.0.255 192.168.11.0 0.0.0.255
    exit
    interface ethernet e2
    service-acl input ACL1
    exit
    interface ethernet e3
    service-acl input ACL1
    exit
    interface ethernet e4
    service-acl input ACL1
    exit
    interface ethernet e5
    service-acl input ACL1
    exit
    username L1_admin password dcdf2920272f76e823f0633b329881df level 15 encrypted
    username admin password d41d8cd98f00b204e9800998ecf8427e level 15 encrypted

  • Extended access list on Cisco routers

    Can you edit an access list without deleting the entire list? In other words, can you remove a sequence entry within the access list?
    Thanks

    Yes, you can. If you do sh access-list, the router will show the sequence numbers. You can then add a sequence, delete a sequence or change one.
    For example, if you have an access-list like this:
    Extended IP access list test
    10 deny ip 10.10.10.0 0.0.0.255 any log
    15 deny ip 11.11.11.0 0.0.0.255 any log
    you can now add a new sequence between 10 and 15
    11 deny ip 172.16.10.0 0.0.0.255 any log
    You just have to make sure to use the sequence number when you create the last access-list
    HTH
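The two ACL behaviours discussed on this page, first-match evaluation with the implicit deny at the end (John's port list in the opening thread) and editing by sequence number (this thread), as a small model. This is an added example, not Cisco code or anything posted above; the ACL name USER-IN and the wildcard-to-netmask conversion are my own, and the IP phone's port is left as a placeholder because the thread never gives it.

```python
"""Model of a Cisco-style extended IP ACL: sequence-numbered entries, first-match
evaluation with the implicit deny, and IOS-style rendering (added example)."""
import ipaddress
from dataclasses import dataclass, field


@dataclass(order=True)
class Ace:
    seq: int
    action: str        # "permit" or "deny"
    proto: str         # "ip", "tcp" or "udp"
    src: str = "any"   # "any" or "<network> <wildcard>", e.g. "10.10.10.0 0.0.0.255"
    ports: tuple = ()  # destination ports; empty means any port

    def matches(self, proto, src_ip, dport):
        if self.proto not in ("ip", proto):
            return False
        if self.src != "any":
            # IOS wildcard -> netmask by inverting the bits, then a normal prefix test.
            net, wild = self.src.split()
            mask = ipaddress.ip_address(int(ipaddress.ip_address(wild)) ^ 0xFFFFFFFF)
            network = ipaddress.ip_network(f"{net}/{mask}", strict=False)
            if ipaddress.ip_address(src_ip) not in network:
                return False
        return not self.ports or dport in self.ports

    def render(self):
        port = f" eq {' '.join(map(str, self.ports))}" if self.ports else ""
        return f" {self.seq} {self.action} {self.proto} {self.src} any{port}"


@dataclass
class Acl:
    name: str
    entries: list = field(default_factory=list)

    def add(self, seq, action, proto, src="any", ports=()):
        """Insert by sequence number, so seq 11 lands between 10 and 15."""
        if any(e.seq == seq for e in self.entries):
            raise ValueError(f"sequence {seq} already in use")
        self.entries.append(Ace(seq, action, proto, src, tuple(ports)))
        self.entries.sort()

    def evaluate(self, proto, src_ip, dport):
        """First matching ACE wins; no match falls to the implicit 'deny ip any any'."""
        for e in self.entries:
            if e.matches(proto, src_ip, dport):
                return e.action
        return "deny"

    def render(self):
        return [f"ip access-list extended {self.name}"] + [e.render() for e in self.entries]


def build_user_acl():
    """John's list: permit only the named TCP/UDP ports; everything else is denied."""
    acl = Acl("USER-IN")
    acl.add(10, "permit", "tcp", ports=(80, 81, 8080, 25, 110, 143))
    acl.add(20, "permit", "udp", ports=(23,))
    # acl.add(30, "permit", "udp", ports=(IP_PHONE_PORT,))  # placeholder: port not given
    return acl
```

Evaluating tcp/443 against build_user_acl() returns "deny" even though no ACE names it, which is exactly the implicit deny that makes a default-block policy work and that also silently drops anything you forgot to list.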

  • Unable to hard code the ports of cisco 3750x series switch

    hello,
    I have tried hard coding to 1000 & Full on the ports which are connected to another switch.
    After changing the port to auto on one side of the switch, the port came up. Is there any solution to make the port come up when both sides are hard coded to 1000 & full duplex?
    Simple Words:
    Switch 1 --> Switch 2 --> Hard coded to 1000 & Full --> Down.
    Switch 1 --> Switch 2 --> Auto on one end to Switch 1  --> Up.
    Switch model:
    Switch 1 Cisco 3750x (Gi Switch)
    Switch 2 Cisco 3750 (Gi Switch)
    Regards,
    Ezra.

    Disclaimer
    The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.
    Liability Disclaimer
    In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.
    Posting
    Yes, it's possible without a straight through cable, enable auto/auto both sides.    Otherwise you'll need a cross-over cable.
    BTW, if your standard is hard coding copper gig ports, for speed and duplex, you might consider bringing your standard up to date.  Copper gig standard went much further in how auto/auto is supposed to work.  By disabling auto/auto, I believe, you're also disabling some error monitoring too.  Generally, all the major players, e.g. Cisco, would recommend auto/auto for copper gig Ethernet.

  • Cisco 2960 Series Switch Architecture

    Hi all,
    I wanted to know if there is a document or an article which describes 2960 series architecture specifically for model WS-C2960-24-S as there is for 2600 series in the following link:
    http://www.cisco.com/c/en/us/support/docs/routers/2600-series-multiservice-platforms/23852-2600-architecture-23852.html
    Thanks.

    Hi,
    You should be able to find the information that you need here:
    http://www.cisco.com/c/en/us/support/switches/catalyst-2960-24-s-switch/model.html
    Thanks,
    Jake

  • Cisco 300 series switches

    hi all
    I've looked through some of the online content but don't see a definitive answer to my question about the physical size of the switches: are they all 19" rack mountable or desktop?
    I look forward to a confirmation.

  • Scripting reboot for Cisco 300 Series switches

    I would like to have some help putting together a script for rebooting our 300 series POE switches. I have about 150 at this stage to administer and it would make it much easier not to have to remotely reboot them. The IP settings will be the same for each location and we have about 2-5 in each location. I will be logging in through logmein to each remote server, and will run the scripts from this to the local switches. Any help would be appreciated.

    I was playing with my Indigo on an SG-500 and it seems to work. Create a session for each switch and in the session properties for each switch enter your credentials (user/pass), IP/port, etc. I was using telnet, port 23 for this, and then under the send command tab, on connection I entered:
    reload
    y
    One command per line, up to 20 commands I believe, and it connected; I saw my prompts and replies and then it shut down.
    So if you try this you can just go down the file tree list for switches with cameras that need a reboot and restart the entire switch if you like, quick and easy.
    You could also add a folder for each switch and a session in that folder possibly for each camera/port with online port number changing for each camera in the session properties and then selectively cycle power for just the affected cameras.
    Example for port 22/camera xxxx:
    conf t
    int gi22 
    power inline never
    power inline auto
    It would take a fair amount of time to set up but once done you could just pick a switch folder and the port in that switch to cycle. If you have multiple ports on a switch you could use
    conf t
    int range gi22-24
    or 
    int range gi1,6,16,20
    power inline never
    power inline auto
    might have to verify that syntax

  • Cisco 4500 series switch-Supervisor Engine.

    Is it possible to add two different supervisor engine modules in a chassis (WS-C4507R+E Chassis)? (WS-X45-SUP7E in slot 3 and WS-X45-SUP6E-Redundancy in slot number 4)

    http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sga/configuration/guide/RPR.html
    Redundancy requires both supervisor engines in the chassis to be of the same supervisor engine model (same model, same memory, NFL daughter card and so on), and to use the same Cisco IOS software image.
    Thanks
    Hari.Sivaji

  • 3560 Series Switches

    I have been looking at these 3560's and it looks like they are just 3750's without the stacking bus.
    Can anyone confirm?
    Daniel

    The 32G backplane in 3750 comes from Stackwise and hence cannot be the same in 3560. The following page should help you out
    http://www.cisco.com/warp/public/765/tools/quickreference/catalyst3x00.pdf
    VRF Lite is supported in 3560 from 12.2(25)SEC.
