Catalyst 2960 for my LAN WS-c2960-48TC-S vs WS-c2960-48TC-L

Similar Messages

• SFP Mini-GBIC for Catalyst 2960

  We are looking at getting the SFP Mini-GBIC from HP HP-J4858C.  This transceiver module is Gigabit-SX-LC Mini-GBIC.  Will this module work on our Catalyst 2960 PoE switches and will it also work using a MultiMode fiber?

  I've used non-Cisco GBICs successfully in Cisco gear. In the event of a problem related to the link, the TAC MAY refer you back to the HP or suggest using a Cisco transceiver.
  Running a multimode connection that close to the length limit is not the best idea but if that's all you have installed (and you can't get a single mode link installed) then it is what it is. A single mode GBIC WILL NOT operate over multimode fiber.
  The high level specs cite distance but the real indicator of usability is better characterized by loss. As long as you getting adequate light levels at the receiver, you will be OK. Problem is, it's not easy to tell light levels (on a non-SMD type transceiver such as Leo suggested) without some relatively costly measurement equipment.

• SNMP, Query dot1dStpPortState on Catalyst 2960-S

  Hi Community,
  I would like to be able to query the dot1dStpPortState obect on the Catalyst 2960-S on our LAN . Im running firmware
  c2960s-universalk9-mz.122-55.SE2.bin and according to the Cisco SNMP Object Navigator the object is supported (via the BRIDGE-MIB).
  However when i query using snmpwalk from my workstation :
  snmpwalk -v 2c -c bic-zua-ro 10.u.y.x 1.3.6.1.2.1.17.2.15.1.3
  I recieve and error .
  SNMPv2-SMI::mib-2.17.2.15.1.3 = No Such Instance currently exists at this OID
  For the sake of comparison, querying our 4700 :
  snmpwalk -v 2c -c bic-zua-ro 10.u.y.x 1.3.6.1.2.1.17.2.15.1.3
  returns (as expected, cropped)
  SNMPv2-SMI::mib-2.17.2.15.1.3.1 = INTEGER: 5
  SNMPv2-SMI::mib-2.17.2.15.1.3.3 = INTEGER: 5
  SNMPv2-SMI::mib-2.17.2.15.1.3.40 = INTEGER: 5
  SNMPv2-SMI::mib-2.17.2.15.1.3.67 = INTEGER: 5
  SNMPv2-SMI::mib-2.17.2.15.1.3.104 = INTEGER: 5
  SNMPv2-SMI::mib-2.17.2.15.1.3.257 = INTEGER: 5
  SNMPv2-SMI::mib-2.17.2.15.1.3.258 = INTEGER: 5
  SNMPv2-SMI::mib-2.17.2.15.1.3.259 = INTEGER: 5
  Is there some special configuration i need to do on our 2960's. The only snmp related settings i can see in the running config is snmp-server community. In this case :
  snmp-server community bic-zua-ro RO
  Thanks in advance for any comments/ assistance.
  Rgds
  Ian

  Hi Vinod,
  Wow, thanks for your prompt reply. Output from filtered running config pasted below
  TVS-Stack17#sh run | inclu snmp
  snmp-server community bic-zua-ro RO
  Interestingly when i walk the entire dot1dBridge (1.3.6.1.2.1.17) i recieve lots of data from both dot1dBase (1) and dot1dTp (4) but nothing from dot1dStp (2)
  I tried portAdditionalOperStatus and did not recieve any response but got lots of data from its patent  portEntry (1)
  Running show spann on the 2960 stack i can see various ports in forwarding and blocking start as i would expect.
  Rgds,
  Ian

• Gbic loop on catalyst 2960

  Hello,
  I would like to know if there is a way to validate that a SFP type 1000baseLX is working properly on catalyst 2960.
  I am looking for the loop feature that is available on routers.... but not on switches.
  The topology is 2 catalyst 2960 switches with both SFP type 1000baseLX connected together with a fiber. This was working find but actually, the two interfaces are down/down.
  The idea is to be sure that the problem is on the fiber and not on one of the SFP....
  Thank You for your help.

  UniDirectional Link Detection (UDLD) addresses your concern regarding the fiber. See http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_46_se/configuration/guide/swudld.html for more information.
  For the SFPs themselves, you might want to review http://www.cisco.com/en/US/products/hw/modules/ps4999/products_tech_note09186a00807a30d6.shtml for more information.
  Hope this helps.

• Cisco Network Assistant MAC search in Catalyst 2960

  Hi,
  Since I updated a Catalyst 2960 switch to IOS version 12.2(55)SE1 I can't do searchs by MAC address, when I do "Monitor->Search" the following error appears:
  "The software version of the selected switch does not support some of the CLI commands in read-only mode for this window. You must have read-write access to this switch to display complete information in this window"
  If packets are captured you can see that the issued command by the CNA host is "GET /exec/show/mac-address-table/", the answer from the switch is:
  "show mac-address-table
                  ^
  % Invalid input detected at '^' marker.
  If I do "Configure->Switching->MAC Address" instead I get the mac address-table correctly. In this case the issued command is "GET /exec/show/mac/address-table/dynamic" and no error is displayed, the answer from the switch is the list of mac-address table.

  I have some site admins that use CNA.  I just upgraded their LAN to 3560v2 switches running 12.2(58)SE2 and had them upgrade their CNA software to CNA 5.7(6).  They reported the same error.
  I think you clearly indentified the problem.  At one time the IOS command parser accepted both "show mac-address" and "show mac address".  At some point IOS stopped accepting the older "show mac-address" format, and CNA is still issuing this command regardless of the IOS version it is trying to manage.

• Installed wrong image on Cisco Catalyst 2960

  some time ago I did an IOS upgrade on the Catalyst 2960, however I used the wrong image and caused the switch CAN NOT load properly. My switch is c2960 but I used c2960s, what a big mistake. 
  When the switch boots, and it hangs on the execution of the image, because c2960s image will not work on c2960. 
  Anyone got some idea how I can fix this? I tried to restart the switch and pressed "Break" on the terminal, and it didn't stopped.
  Using driver version 1 for media type 1
  Base ethernet MAC Address: fc:fb:fb:f4:5b:00
  Xmodem file system is available.
  The password-recovery mechanism is enabled.
  Initializing Flash...
  mifs[2]: 0 files, 1 directories
  mifs[2]: Total bytes     :    3870720
  mifs[2]: Bytes used      :       1024
  mifs[2]: Bytes available :    3869696
  mifs[2]: mifs fsck took 0 seconds.
  mifs[3]: 529 files, 19 directories
  mifs[3]: Total bytes     :   27998208
  mifs[3]: Bytes used      :   24108032
  mifs[3]: Bytes available :    3890176
  mifs[3]: mifs fsck took 11 seconds.
  ...done Initializing Flash.
  done.
  Loading "flash:/c2960s-universalk9-mz.122-58.SE1.bin"...@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
  File "flash:/c2960s-universalk9-mz.122-58.SE1.bin" uncompressed and installed, entry point: 0x3000
  executing...
  Thanks,
  David 

  Hi David,
  You have interuppt and get to the rommon mode and give boot: <old IOS image> if you have....
  if that has been deleted.... then you have go with the recovery procedures like x modem or something
  Regards
  Karthik

• Catalyst 2960 vs 3750

  Long time reader here but first time poster. I am looking into upgrading our network switches soon and I'm trying to decide on a design now. Let me give some background information on the network.
  Currently we have a Catalyst 5513 with a Supervisor II, ten 24 port 10/100 cards and a 12 port fiber card installed. There are also two 48 port Alcatel switches that are uplinked to the 5500 as well as six Catalyst 2900XLs (on the factory floor) uplinked to it via fiber. There are about 40 servers and 350clients in total in the building. All servers and most of the clients in the office are connected directly to the 5513. We will be consolidating buildings soon and plan on adding another 200 devices to the network (office and factory floor area).
  I was thinking we should get two Catalyst 3750G-48TS and a 3750G-12S in a stack for the core switch. Then use Catalyst 2960-48TC-L switches uplinked to the 3570 stack for the access layer. Does this make more sense than directly connecting all the clients and servers directly to the 3570 stack? What would be the advantages/disadvantages of each setup besides cost?
  Thanks for any help you can provide!

  I tend to go with a more modular approach and hang nothing off my core except otehr switches. Put your servers on their own switches as well. There are a few reason i do it this way.
  The first is I run two cores for redunacy. by giving servers their own access layer switch, i can isolate them from a core failure.
  Second, ports on a core switch tend to be more expensive. I know I'm going to be adding servers in the next few years. Its cheaper for me to buy more 3560's then more blades for a 6500.
  Third, modularity. I can make more changes to either the core, or edge switches and not effect the other. Say you find out down the road, that the 3750 stack isnt quite moving the number of packets you need. If you plug end users and servers into your core now, just picture how much of a bear it will be to replace the core. Always try to go the route that will give you maximum flexibility and growth.

• Troubleshooting Fiber Connection on a Catalyst 2960

  I am trying to test my fiber connectivity on a Catalyst 2960 before I deploy it. So what I thought I would do is connect it to another switch in my office with a open port for the fiber connection. The other switch is a Catalyst 3560G. Here are the port configurations:
  interface GigabitEthernet0/2
  switchport trunk allowed vlan 1,100
  switchport mode trunk
  macro description cisco-switch
  interface GigabitEthernet0/25
  switchport trunk encapsulation dot1q
  switchport trunk allowed vlan 1,100
  switchport mode trunk
  The first one is the catalyst 2960 and the 3560G is the second.
  When you show the interface for each of these it shows that it recognizes the media but the line protocal and the GigbitEthernet Port is down.
  Any Ideas?

  Sorry... a fiber optic cable with a connector on each end.
  To aid in troubleshooting, many times we loopback the signal back to the originating device. An optical loopback is just connecting the transmit (Tx) to the receive (Rx).
  The multimode SFP/GBIC transceiver you are using will allow you to directly connect the Transmit and Receive ports without damage to the unit. This should provide you with a green link LED.
  If so, then you can reconnect your fibers and loopback (connect the two fibers together) at the far end of the fiber link (use an optical adapter) and see if you get a green LED.

• Bandwidth monitoring on a Catalyst 2960

  Hello all, I'm working with two Catalyst 2960 switches and I would like to know if there is a way to monitor bandwidth on individual ports. Ideally I would like to have one graph showing a bandwidth usage reading on each port. I tried using the Network Assistant to accomplish this, but I was only able to view one port at a time. I also tried using a traffic graphing program from Paessler, but a MIB file is needed to allow the program to connect to the switch. When I ran a search on the network management page the 2960 was not on the list for MIB supported products. Is this type of graph possible to do? Or is there a more effective way to accomplish what I would like to do. Any ideas or suggestions would be helpful.

  Hi, we have just swapped all our avaya switches with catalyst 2960 (12, 24 and 48 ports) and 3750 (48 ports with 10gig module).
  How do I find what port I should monitor for bandwith graphs?
  Target[10.0.0.22_loc1]: 1:@10.0.0.22:

• Catalyst 2960 Problem with Cisco SPA512

  Hi there,
  I hope someone can help me.
  I don't have much experience with switches, I'm doing the desktop support in our company.
  We have Catalyst 4510 R+E to 2 Catalyst 2960 switches and seperate VLAN's for IP Phones and for Internet in one part of our office.
  Now I'm running into trouble with some IP Phones that are connected to the 2960 switches. It appears only to happen with Cisco's SPA-512. I've tried FW 7.5.2, 7.5.5 and 7.5.5b. These phones sporadically drop the call / connection, with the red MIC button blinking. Based on my research this means that it looses Internet connection. I have 1 SPA512 with FW 7.5.1 that does not show these symptoms.
  I have other phones SPA942 and Polycom IP335 in the same area behind the same switches and no issues.
  We've tried to disable auto negotiate and set a fixed transmition rate or either 1Gbps and 100Mbps, both without success.
  I also have SPA512 in other areas of the office just connected to our Catalyst 4510 R+E and they work just fine. That's why I don't believe it has anything to do with the 4510, but I can be wrong.
  That's all I have for you guys. Hope someone can help me to fix / troubleshoot this..
  Frank

  SSwitch3#test cable-diagnostics tdr int g1/0/16
  TDR test started on interface Gi1/0/16
  A TDR test can take a few seconds to run on an interface
  Use 'show cable-diagnostics tdr' to read the TDR results.
  SSwitch3#show cable-diagnostics tdr int g1/0/16
  TDR test last run on: June 27 13:39:21
  Interface Speed Local pair Pair length        Remote pair Pair status
  Gi1/0/16  1000M Pair A     52   +/- 10 meters Pair A      Normal
                  Pair B     52   +/- 10 meters Pair B      Normal
                  Pair C     52   +/- 10 meters Pair C      Normal
                  Pair D     52   +/- 10 meters Pair D      Normal
  SSwitch3#

• Cisco SG300-28 / SGE2000 / Catalyst 2960

  Hello everyone,
  I'm looking for switch to accompany Cisco ASA 5520 in data center, with 20+ GE ports and no need for PoE.
  I would like to understand the difference between Cisco SG300-28, Cisco SGE2000 and Cisco Catalyst 2960, 2960-C and 2960-S Series (except specific number of ports). As far as I can see the Cisco SGE2000 has 4x SFP and is stackable unlike the SG300 with 2x miniGBIC/SFP, but not much else. Cisco Catalyst 2960 series offers some additional features like USB storage, but I can't imagine I will need that.
  Any suggestions?
  Thank you
  Dan

  Hello everyone,
  I'm looking for switch to accompany Cisco ASA 5520 in data center, with 20+ GE ports and no need for PoE.
  I would like to understand the difference between Cisco SG300-28, Cisco SGE2000 and Cisco Catalyst 2960, 2960-C and 2960-S Series (except specific number of ports). As far as I can see the Cisco SGE2000 has 4x SFP and is stackable unlike the SG300 with 2x miniGBIC/SFP, but not much else. Cisco Catalyst 2960 series offers some additional features like USB storage, but I can't imagine I will need that.
  Any suggestions?
  Thank you
  Dan

• 802.1x on Cisco Catalyst 2960

  I am trying to enable 802.1x on one of
  the switchports of the Cisco Catalyst
  2960:
  C2960#sh run | i radius
  aaa authentication login test group radius local
  aaa authentication dot1x default group radius
  radius-server host 10.250.97.26 auth-port 1812 acct-port 1813
  radius-server source-ports 1645-1646
  radius-server key 123456
  C2960#sh run | i dot
  aaa authentication dot1x default group radius
  dot1x system-auth-control
  dot1x guest-vlan supplicant
  dot1x critical eapol
  C2960#conf t
  Enter configuration commands, one per line. End with CNTL/Z.
  C2960(config)#int g0/14
  C2960(config-if)#dot1x ?
  % Unrecognized command
  C2960(config-if)#dot1x
  As you can see, I can not enable 802.1x
  at the interface level. The code is am running is 12.2.25SEE4:
  Switch Ports Model SW Version SW Image
  * 1 24 WS-C2960G-24TC-L 12.2(25)SEE4 C2960-LANBASEK9-M
  System image file is "flash:c2960-lanbasek9-mz.122-25.SEE4.bin"
  According to Cisco, this image supports
  802.1x. Why can't enable it at the
  interface level?
  Can someone help me out? Thanks.

  some additional info:
  C2960#sh dot1x all
  Sysauthcontrol Enabled
  Dot1x Protocol Version 2
  Critical Recovery Delay 100
  Critical EAPOL Enabled
  C2960#

• View-only access to Catalyst 2960/2960S device manager

  I have noticed that when I access the (Web-based) device manager on a Catalyst 2960 or 2960S switch, the authentication prompt (from within IE, at least) includes the phrase, "The server <switch-hostname> at level_15_or_view_access requires a username and password." This would seem to imply that it's possible to configure view-only (a.k.a. read-only) access to the device manager, which would be perfect for first-level support personnel (in our environment). I reviewed the information on how to configure local authentication for the Web server (leveraging "ip http authentication local" among other commands), but the examples are a bit too broad for me understand how to specifically (and only) allow someone coming in via HTTP(S) to gain read-only access to the device manager. (Command line access should be denied entirely for the view-only user, if possible, or at least limited to commands that can't modify the switch's configuration.) Assuming this is possible, could someone cite the command sequence required?
  Thanks,
  Mike

  Hi,a customer want a user which has view-only rights on his catalyst switches. I created a user whit privilige level 7.If you log into the CLI everything is fine. But by trying to log into the web page the system wants a level 15 user.Is their any possibility to grant the level 7 user "view-only" rights on the Catalyst Device Manager?Thanks.Thanks.
  Hi,
  Check out the below link for SDM for read only user configuration
  http://conft.com/en/US/docs/routers/access/cisco_router_and_security_device_manager/application/notes/SDMcli.pdf
  Hope to Help !!
  Ganesh.H
  Remember to rate the helpful post

• Web Authentication Catalyst 2960

  Hi,
  I am trying to configure fallback Web Authentication on a catalyst 2960 switch. The goal is to authenticate clients via web authentication who are not 802.1x compliant (the 802.1x part is working fine) and allow them restricted access to the network. The problem is that the web authentication seems to fail.
  The equipment regarding my question : catalyst 2960 switch (version : 122-37.SE) and a FreeRadius.
  Here's what happens :
  The authentication window pops up in my browser and the Access-Request is sent to the RADIUS.
  The RADIUS in term responds with a Access-Accept. The debugs running on the switch show that all this information arrives correctly at the switch and the Authentication debug outputs a 'status = PASS' and the Authorization debug outputs a 'status = PASS_ADD'. In spite of this the browser on the client outputs a 'Authentication failed' message.
  I've read the manual and the Cisco-attribute Value pairs were mentioned : 'priv-lvl=15' and 'proxyacl ...'. Are these mandatory for it to work? Since I'm not configuring any switch login authentication via RADIUS.
  Any suggestions ?
  Thanx in advance

  Yes, they are mandatory.
  If priv-lvl=15 is not returned to the switch, the user will see ?Authentication Failed? and the access-list will not be applied. If the source field in the proxyacl statements is not ?any? or there are other syntax errors, the user will see ?Authentication Successful? but the access-list will not be applied and the user will be denied access to the network.
  Not sure about the specific FreeRADIUS config, but you need to setup the ?[026\009\001] cisco-av-pair VSA. It would look something like:
  priv-lvl=15
  proxyacl#10=permit ip any any
  Let me know if this gets you squared away,

• Cisco catalyst 2960 booting garbage, help on restore IOS

  Dear All,
  This is my first time on terminal access of Cisco Catalyst 2960 (2960TC-L), normally would use the web configuration for most task.
  Now the switch has an issue with the web interface and when I try to access through terminal, I was greeted with garbage upon the booting of the switch, I searched for the terminal boot process and it wasn't what I was expected for my switch. I was a bit dumbfound now of how can I recover the firmware to its default stage, now that I cannot even boot through its terminal console.
  Any help is highly appreciated. Thank you for your time.

  Hi,
  I just verified with my colleague of whom have done quite a few bits before I took over his task.
  His reply was he actually did an IOS flash before, though I'm not sure how he did it, but according to him, it was actually a success and the web interface still works for few times before it become like this.
  As I tried another time to goes into root mode (or Admin mode??) for the switch, the steps as I performed below:
  1. Refer to cisco-2960-putting-setting.jpg for the settings. I press Open and it does display the console Window, no issue there.
  2. I hold the "mode" button on the switch and turn on the switch power, and after few seconds the screen display as such (refer to cisco-2960-putty-output2.jpg), the SYST L.E.D. did flash with following pattern: Green (blink ~15 times) then Orange-Green (repeat blink twice) then Green (stable light), for this I was expecting it to goes off after few seconds but it didn't, I wait about a minute before I let go the "mode" button.
  3. After I let go the "mode" button, it goes to the screen (refer cisco-2960-putty-output3.jpg), and the SYST still blinking, possibly infinitely... with the console output screen stays like that... and whatever I entered display weird/garbage characters instead, I can't do anything on it.
  Each tries display different weird characters, as the SYST still blinking infinitely.
  I'm unsure if I'm giving enough details for online troubleshooting, I'll try my best to give as per instructed.
  Thank you for your time.