Cisco 2950 switch config issues
WOOHOO that worked! Have been on another site for a week trying to get this done.
Now, how do I change the default SSH port from 22 to the port I want?
Hello,I have a Cisco 2950 switch that I am trying to get working correctly. I want to be able to make console and SSH connections, but not Telnet.
Texten!config tusername admin secret Pa55w0rden secret Pa55w0rd!line con 0password Pa55w0rdlogin local!line vty 0 4password Pa55w0rdlogin localtransport input ssh!hostname GEMSWI0001ip domain-name domain.localntp server 192.168.217.10!crypto key generate rsa2048username admin priv 15 secret Pa55w0rdaaa new-model!service password-encryption!ip http serverip http port 65410!!vlan 128name Officeint vlan128ip address 192.168.128.254 255.255.255.0shut!vlan 217name GEMint vlan217ip address 192.168.217.254 255.255.255.0shut!vlan 999name GEM-Adminint vlan999ip address 192.168.255.251 255.255.255.248no shut!int fa0/47description GEMCON0000-1switch access vlan 999switchport mode accessswitchport...
This topic first appeared in the Spiceworks Community
Similar Messages
-
Dot1x Issue on Cisco 2950 Switch
Hi,
I have a Cisco 2950 switch running with c2950-i6q4l2-mz.121-22.EA6.bin image.When i configure a Dot1x Port Control Auto on each interface the utilization on the Cisco 2950 goes high.The moment i remove Dot1x Port Control Auto command on every interface utilization comes to normal.
Please let me know if any idea on this why the switch is behavior like this....
Thanks & Regds,
LalitMost likely you are hitting a bug although I did not find anything in the bug toolkit that could resemblance this.
What process is stealing all your cpu? Please do a `show proc cpu` for me. I would start by grabbing the EA13 release and try the same with that to see if you experience the same issues. -
Apple wired Dot1X - on Cisco 2950 switches
Hi, I have an issue with Apple desktop computers running 10.7 and 10.8 MacOS.
The problem is that we have only 2950 switches and we are very limited with what we can do on them, so we wanted basic DOT1X user authentication and VLAN placement. Those two are working great, except when user logs off, Mac stops sending DOT1X and port becomes unauthenticated. We alleviated that issue by using guest-vlan for failed dot1x authentications, but now we have a problem that once user logs in, there is no session change on 2950 and it doesn’t even try to authenticate user until we bounce the port.
Is there any way to fix this, on Cisco switch or Mac computer? One of the things that crossed my mind is bouncing port on Mac PC using some kind of logon script?
Has anyone else had this issue and was able to solve it?
Thanks.Hello Align,
Cisco 2950 switch with 12.1(9) supports 802.1 x authentications. As you are saying that you already configured 802.1x authentication and its working fine. I think there is problem with your MAC OS configuration. Please follow the below link to configure 802.1x on Apple.
http://support.apple.com/kb/ht3326 -
Connecting two Cisco 2950 switches to a 2600 router
Hello,
I'm trying to have two LANs connected to 2950 switch each, connect to a 2600 router and have the two LANs communicate with each other...i can't seem to get it working...any help...thanks
LAN 1 192.168.10.1/20
LAN 2 192.168.12.1/21
Thanks againAlright, these are only basic configs here:
Router
hostname Router
int fastethernet0/0
description Network 1
ipaddress 192.168.10.65 255.255.255.192
int fastethernet0/1
description Network 2
ip address 192.168.10.129 255.255.255.192
end
Switch 1 (the one connecting to f0/0)
hostname SwitchNet1
int f0/1
description Host 1 Net 1
no ip address
no shut
int f0/2
description Host 2 Net 1
no ip address
no shut
int f0/3
description Host 3 Net 1
no ip address
no shut
int f0/4
description Host 4 Net 1
no ip address
no shut
int range f0/5 - 23
no description
no ip address
shut
int f0/24
description UPLINK to Router
no ip address
no shut
int vlan 1
ip address 192.168.10.66 255.255.255.192
no shut
default-gateway 192.168.10.1
end
Switch 2 (the one connecting to f0/1)
hostname SwitchNet2
int f0/1
description Host 1 Net 2
no ip address
no shut
int f0/2
description Host 2 Net 2
no ip address
no shut
int f0/3
description Host 3 Net 2
no ip address
no shut
int f0/4
description Host 4 Net 2
no ip address
no shut
int range f0/5 - 23
no description
no ip address
shut
int f0/24
description UPLINK to Router
no ip address
no shut
int vlan 1
ip address 192.168.10.130 255.255.255.192
no shut
default-gateway 192.168.10.129
end
This config assumes only ports f0/1 - f0/4 will be used on each switch. If that is not the case, you will need to modify the interface configs accordingly. You may want to use descriptions more suited than to your network on the switchports. Also, this config assumes the router is connected to port f0/24 on each switch as well.
The default-gateway for the hosts and the switches is going to be the router IP address for the subnet they are attached to. The hosts/switches attached to f0/0 use 192.168.10.65 as their gateway. The hosts/switches attached to f0/1 use 192.168.10.129 as their gateway.
You do not need to configure a port on the switch as the default-gateway. The default-gateway is an IP address the host/switch uses to direct all traffic from itself out past the router. In fact, if you don't need the switch to talk to devices on the other subnet, you don't even need to configure a default-gateway on the switches (but I would anyway). -
What is the default tx-ring-limit on Cisco 2950 switches?
Hello,
we are working on a project involving changing different buffer/queue sizes and we are trying to discover the default tx-ring-limit size on Cisco 2950. Do you know a command that will show us this value?
Thank you in advance.I think that the default tx-ring-limit is probably 128. I couldn't find this value on a specific document regarding the 2950, but i found it on other cisco devices, so my guess is that it could be the default also for 2950 (although it's a bit old:) )
-
Q1. How Can i set Bandwidth on an interface ?
Q1. How Can i set Priority on an interface ?Hello,
are you referring to Layer 2 or Layer 3 ports ?
For Layer 2 ports, you could use the 'storm-control' interface command to limit unicast, multicast, or broadcast traffic as a percentage of total bandwidth. For CoS priority, the 'switchport priority' command could be used.
For Layer 3 ports you have more options, such as CBWFQ and CAR. What exactly do you need to configure ?
Regards,
GP -
Cisco 2950 - 3350 Trunking issue - Port not lighting up
Hi There,
I have two switches I am trying to connect a 2950 and a 3350. I have a crossover cable connecting them from fa0/24 to fa0/24 setup as a trunk,
however they won't connect and the port on both switches is down, (e.g no port light coming on on switch)
here is some show commands from both switches.. does anyone know where I am going wrong.. thanks in advance
2950#sh ip int brief
Interface IP-Address OK? Method Status Protocol
Vlan1 192.168.0.11 YES NVRAM up up
FastEthernet0/1 unassigned YES unset up up
FastEthernet0/2 unassigned YES unset down down
FastEthernet0/3 unassigned YES unset down down
FastEthernet0/4 unassigned YES unset down down
FastEthernet0/24 unassigned YES unset down down
2950#sh vlan
VLAN Name Status Ports
1 default active Fa0/2, Fa0/3, Fa0/4, Fa0/5, Fa0/6, Fa0/7, Fa0/8, Fa0/9, Fa0/10, Fa0/11, Fa0/12, Fa0/13, Fa0/14, Fa0/15, Fa0/16, Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
1 enet 100001 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
Primary Secondary Type Ports
2950#sh run
Building configuration...
Current configuration : 1278 bytes
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
hostname 2950
enable secret 5 $1$JKXw$gcYpfOaSQRiQqcCuVF5371
ip subnet-zero
ip ssh time-out 120
ip ssh authentication-retries 3
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
interface FastEthernet0/1
interface FastEthernet0/2
interface FastEthernet0/3
switchport mode access
interface FastEthernet0/4
interface FastEthernet0/24
switchport mode access
speed 100
duplex full
interface Vlan1
ip address 192.168.0.11 255.255.255.0
ip http server
line con 0
line vty 0 4
password cisco
login
line vty 5 15
login
end
2950#
3350#sh vlan
VLAN Name Status Ports
1 default active Fa0/1, Fa0/3, Fa0/4, Fa0/5, Fa0/6, Fa0/7, Fa0/8, Fa0/9, Fa0/10, Fa0/11, Fa0/12, Fa0/13, Fa0/14, Fa0/15, Fa0/16, Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24, Gi0/1, Gi0/2
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
1 enet 100001 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
Primary Secondary Type Ports
3350#sh ip int brief
Interface IP-Address OK? Method Status Protocol
Vlan1 192.168.0.12 YES NVRAM up up
Vlan200 unassigned YES NVRAM down down
FastEthernet0/1 unassigned YES unset down down
FastEthernet0/2 unassigned YES unset up up
FastEthernet0/3 unassigned YES unset down down
FastEthernet0/24 unassigned YES unset down down
GigabitEthernet0/1 unassigned YES unset down down
GigabitEthernet0/2 unassigned YES unset down down
3350#sh run
Building configuration...
Current configuration : 1728 bytes
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
hostname 3350
enable secret 5 $1$ojzz$X.gjyIj/4JDGAUDXYP5ie1
ip subnet-zero
ip routing
spanning-tree mode pvst
spanning-tree extend system-id
interface FastEthernet0/1
no ip address
interface FastEthernet0/2
no ip address
interface FastEthernet0/3
switchport mode access
no ip address
interface FastEthernet0/24
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
duplex full
speed 100
interface GigabitEthernet0/1
no ip address
interface GigabitEthernet0/2
no ip address
interface Vlan1
ip address 192.168.0.12 255.255.255.0
interface Vlan200
no ip address
ip classless
ip http server
line con 0
line vty 0 4
password cisco
login
line vty 5 15
login
end
3350#Hi Karthick,
I had a look under the interface however I don't appear to have any command for mdix-auto?
2950(config-if)#?
Interface configuration commands:
arp Set arp type (arpa, probe, snap) or timeout
bandwidth Set bandwidth informational parameter
carrier-delay Specify delay for interface transitions
cdp CDP interface subcommands
channel-group Etherchannel/port bundling configuration
channel-protocol Select the channel protocol (LACP, PAgP)
default Set a command to its defaults
delay Specify interface throughput delay
description Interface specific description
dot1x Interface Config Commands for 802.1x
down-when-looped Force looped interface down
duplex Configure duplex operation.
exit Exit from interface configuration mode
fair-queue Enable Fair Queuing on an Interface
help Description of the interactive help system
hold-queue Set hold queue depth
ip Interface Internet Protocol config commands
keepalive Enable keepalive
lacp LACP interface subcommands
load-interval Specify interval for load calculation for an interface
logging Configure logging for interface
mac-address Manually set interface MAC address
macro Command macro
mls mls interface commands
mvr MVR per port configuration
no Negate a command or set its defaults
pagp PAgP interface subcommands
random-detect Enable Weighted Random Early Detection (WRED) on an
Interface
rmon Configure Remote Monitoring on an interface
shutdown Shutdown the selected interface
snmp Modify SNMP interface parameters
spanning-tree Spanning Tree Subsystem
speed Configure speed operation.
storm-control storm configuration
switchport Set switching mode characteristics
timeout Define timeout values for this interface
transmit-interface Assign a transmit interface to a receive-only interface
tx-ring-limit Configure PA level transmit ring limit
udld Configure UDLD enabled or disabled and ignore global UDLD
setting
2950(config-if)# -
Cisco 5760 - Anchor config issue
Hi,
I am having an issue where the 5760 Anchor WLC has 4 Subnets but half of the VLANS need to go to a seperate gateway and the other half to another gateway.
Below image is what the network looks like:
The router (Content Filtering) is the Gateway for 4 x SSID’s/VLANs
The Firewall is the Gateway for the Management VLAN
The issue here is that we have 2 separate Gateways and there is no way to define separate gateways for each VLAN on the 5760 WLC
We have an default IP route 0.0.0.0 0.0.0.0 10.1.1.254 which is pointing to the Firewall. The firewall is not the gateway for the other 4 x SSID/VLANs that exist on the Anchor so we do not want all traffic going to the Firewall, only management traffic.
Is there a way to set different gateways for different subnets/VLANs on the 5760 WLC? Keeping in mind that there is an default route pointing to the Firewall.
Also does the 5760 WLC acts as a Layer 3 device?
ThanksAll types of deployments listed below for the Anchor configuration.
Case solution :
Wireless WebAuth and Guest Anchor Solutions
The following sections show a WebAuthentication (WebAuth) configuration and Guest Anchor examples on the CT5760.
Note For a complete webauth configuration, please download the webauth bundle from the following URL: http://software.cisco.com/download/release.html?mdfid=284397235&softwareid=282791507&
release=3.2.2&relind=AVAILABLE&rellifecycle=&reltype=latest .The readme file has all the GUI and CLI configuration for webauth.
Configure Parameter-Map Section in Global Configuration
The parameter map connection configuration mode commands allow you to define a connection- type parameter map. After you create the connection parameter map, you can configure TCP, IP, and other settings for the map.
! First section is to define our global values and the internal Virtual Address.
! This should be common across all WCM nodes.
PARAMETER-MAP TYPE WEBAUTH GLOBAL?
VIRTUAL-IP IPV4 192.0.2.1
PARAMETER-MAP TYPE WEBAUTH WEBPARALOCAL?
TYPE WEBAUTH?
BANNER TEXT ^C WEBAUTHX^C
REDIRECT ON-SUCCESS HTTP://9.12.128.50/WEBAUTH/LOGINSUCCESS.HTML
REDIRECT PORTAL IPV4 9.12.128.50
Configure Customized WebAuth Tar Packages
Transfer each file to flash:
copy tftp://10.1.10.100/WebAuth/webauth/ webauth_consent.html flash:webauth_consent.html
copy tftp://10.1.10.100/WebAuth/ webauth_success.html flash: webauth_success.html
copy tftp://10.1.10.100/WebAuth/ webauth_failure.html flash: webauth_failure.html
copy tftp://10.1.10.100/WebAuth/ webauth_expired.html flash: webauth_expired.html
Configure Parameter Pap with Custom Pages
parameter-map type webauth webparalocal
type webauth
custom-page login device flash:webauth_consent.html
custom-page success device flash:webauth_success.html
custom-page failure device flash: webauth_failure.html
custom-page login expired device flash:webauth_expired.html
Configure Parameter Map with Type Consent and Email Options
parameter-map type webauth webparalocal
type consent
consent email
custom-page login device flash:webauth_consent.html
custom-page success device flash:webauth_success.html
custom-page failure device flash:webauth_failure.html
custom-page login expired device flash:webauth_expired.html
Configure Local WebAuth Authentication
username guest password guest123
aaa new model
dot1x system-auth-control
aaa authentication login EXT_AUTH local
aaa authorization network EXT_AUTH local
aaa authorization network default local
or
aaa authentication login default local
aaa authorization network default local
Configure External Radius for WebAuth
aaa new model
dot1x system-auth-control
aaa server radius dynamic-author ?
client 10.10.200.60 server-key cisco ?server-key cisco ?
auth-type any
radius server cisco
address ipv4 10.10.200.60 auth-port 1812 acct-port 1813
key cisco
aaa group server radius cisco server name cisco
aaa authentication login EXT_AUTH group cisco
or
aaa authentication login default group cisco
Configure WLAN with WebAuth
wlan Guest-WbAuth 3 Guest-WbAuth
client vlan 100
mobility anchor 192.168.5.1
no security wpa
no security wpa akm dot1x
no security wpa wpa2
no security wpa wpa2 ciphers aes
security web-auth
security web-auth authentication-list EXT_AUTH
security web-auth parameter-map webparalocal
no shutdown
Configure HTTP Server in Global Configuration
!--- These are needed to enable Web Services in the Cisco IOS® software.
ip http server
ip http secure-server
ip http active-session-modules none
Other Configurations to be Checked or Enabled
!--- These are some global housekeeping Cisco IOS® software commands:
ip device tracking
ip dhcp snooping
SNMP Configuration
From the CT5760 console, configure the SNMP strings.
snmp---s er v er co mmuni t y p ub l i c r o
snmp---s er v er co mmuni t y p r i v a t e r w
IPv6 Configuration
IPv6 is supported on the data path. Wireless clients will be able to get an IPv6 address.
Enable IPv6 Snooping - CT5760
There are slight differences in configurations on a CT5760 when configuring IPv6. To enable IPv6 on a CT5760, the following step must be completed.
ipv6 nd raguard attach-policy testgaurd
Trusted-port
Device-role router
interface TenGigabitEthernet1/0/1
description Uplink to Core Switch
switchport trunk native vlan 200
switchport mode trunk
ipv6 nd raguard attach-policy testgaurd
ip dhcp snooping trust
Enable IPv6 on Interface - CT5760
Based on interfaces that need IPv6 configurations and the type of address needed, respective configurations are enabled as follows. IPv6 configurations are enabled on VLAN200.
vlan configuration 100 200
ipv6 nd suppress
ipv6 snooping
interface Vlan100
description Client VLAN
ip address 10.10.100.5 255.255.255.0
ip helper-address 10.10.100.1 2001:DB8:0:10::1/64
ipv6 address FEC0:20:21::1/64
ipv6 enable -
Configuring wired 802.1x with Cisco 2950 and NPS 2012 problem
Hi,
I am trying to setup wired authentication on my corporate network. For testing purposes, I have setup a Cisco 2950 switch for RADIUS authentication.
On the first day of the test, access messages were appearing on the event log of the 2012 Server and we were trying to address the issues with EAP and policy.(Network Policy and Access services)
Then, suddenly no events are written to the event log for the wired authentication. Accounting data is written to the log file at c:\windows\system32\logfiles, but nothing happens on the event log as if the NPS is not answering. We are using the same server for wireless 802.1x and all is working fine.
Checking the wired autoconfig log on the client, Restart Reason : Onex Auth Timeout appears.
Logging seems to be configured properly, there are no entries in event log. Below is the debug information from the 2950 switch;
KAT2-BATISW1#
00:18:28: dot1x-registry:dot1x_port_linkchange invoked on interface FastEthernet
0/17
00:18:28: dot1x-registry:dot1x_port_linkcomingup invoked on interface FastEthern
et0/17
00:18:28: dot1x-ev:dot1x_port_enable: set dot1x ask handler on interface FastEth
ernet0/17
00:18:28: dot1x-ev:dot1x_update_port_direction: Updating oper direction for Fa0/
17 (admin=Both, current oper=Both)
00:18:28: dot1x-ev:dot1x_update_port_direction: New oper direction for Fa0/17 is
Both
00:18:28: dot1x_auth Fa0/17: initial state auth_initialize has enter
00:18:28: dot1x-sm:Fa0/17:0000.0000.0000:auth_initialize_enter called
00:18:28: dot1x-ev:auth_initialize_enter:0000.0000.0000: Current ID=0
00:18:28: dot1x_auth Fa0/17: during state auth_initialize, got event 0(cfg_a
uto)
00:18:28: @@@ dot1x_auth Fa0/17: auth_initialize -> auth_disconnected
00:18:28: dot1x-sm:Fa0/17:0000.0000.0000:auth_disconnected_enter_action called
00:18:28: dot1x-sm:
dot1x_update_port_status called with port_status = DOT1X_PORT_STATUS_UNAUTHORIZE
D
00:18:28: dot1x-ev:dot1x_update_port_direction: Updating oper direction for Fa0/
17 (admin=Both, current oper=Both)
00:18:28: dot1x-ev:dot1x_update_port_direction: New oper direction for Fa0/17 is
Both
00:18:28: dot1x-ev:dot1x_port_cleanup_author: cleanup author on interface FastEt
hernet0/17
00:18:28: dot1x-ev:dot1x_update_port_status: Called with host_mode=0 state UNAUT
HORIZED
00:18:28: dot1x-ev:dot1x_update_port_status: using mac 0000.0000.0000 to send po
rt to unauthorized on vlan 0
00:18:28: dot1x-ev:Found a supplicant block for mac 0000.0000.0000 80D71C74
00:18:28: dot1x-ev:dot1x_port_unauthorized: Host-mode=0 radius/guest vlan=0 on F
astEthernet0/17
00:18:28: dot1x-ev: GuestVlan configured=0
00:18:28: dot1x-ev:supplicant 0000.0000.0000 is default
00:18:28: dot1x-ev:supplicant 0000.0000.0000 is last
00:18:28: dot1x-ev:Found a supplicant block for mac 0000.0000.0000 80D71C74
00:18:28: dot1x-ev:0000.0000.0000 is now unauthorized on port FastEthernet0/17
00:18:28: dot1x-ev:dot1x_port_cleanup_author: cleanup author on interface FastEt
hernet0/17
00:18:28: dot1x-ev:Enter function dot1x_aaa_acct_end
00:18:28: dot1x-ev:Found a supplicant block for mac 0000.0000.0000 80D71C74
00:18:28: dot1x-ev:Found a supplicant block for mac 0000.0000.0000 80D71C74
00:18:28: dot1x_auth Fa0/17: idle during state auth_disconnected
00:18:28: @@@ dot1x_auth Fa0/17: auth_disconnected -> auth_connecting
00:18:28: dot1x-sm:Fa0/17:0000.0000.0000:auth_connecting_enter called
00:18:28: dot1x_bend Fa0/17: initial state dot1x_bend_initialize has enter
00:18:28: dot1x-sm:Dot1x Initialize State Entered
00:18:28: dot1x_bend Fa0/17: initial state dot1x_bend_initialize has idle
00:18:28: dot1x_bend Fa0/17: during state dot1x_bend_initialize, got event 1
6383(idle)
00:18:28: @@@ dot1x_bend Fa0/17: dot1x_bend_initialize -> dot1x_bend_idle
00:18:28: dot1x-sm:Dot1x Idle State Entered
00:18:28: dot1x-ev:Created port supplicant block 0000.0000.0000 expected_id=0 cu
rrent_id=0
00:18:28: dot1x-ev:dot1x_init_sb_oper_info:Default port supplicant at memloc 80D
71C74
00:18:28: dot1x-ev:dot1x_post_message_to_auth_sm: cleanup author from interface
FastEthernet0/17
00:18:28: dot1x-ev:
dot1x_post_message_to_auth_sm:0000.0000.0000: Sending TX_FAIL
00:18:28: dot1x-ev:dot1x_post_message_to_auth_sm:0000.0000.0000: Current ID=1
00:18:28: dot1x-ev:Transmitting an EAPOL frame on FastEthernet0/17
00:18:28: dot1x-packet:Tx EAP-Failure, id 0, ver 1, len 4 (Fa0/17)
00:18:28: dot1x-registry:registry:dot1x_ether_macaddr called
00:18:28: dot1x-packet:Tx sa=000f.24e9.72d1, da=0180.c200.0003, et 888E (Fa0/17)
00:18:28: dot1x-ev:dot1x_post_message_to_auth_sm: cleanup author from interface
FastEthernet0/17
00:18:28: dot1x-ev:dot1x_post_message_to_auth_sm: Tx for req_id for supplicant 0
000.0000.0000
00:18:28: dot1x-ev:Transmitting an EAPOL frame on FastEthernet0/17
00:18:28: dot1x-packet:Tx EAP-Request(Id), id 1, ver 1, len 5 (Fa0/17)
00:18:28: dot1x-registry:registry:dot1x_ether_macaddr called
00:18:28: dot1x-packet:Tx sa=000f.24e9.72d1, da=0180.c200.0003, et 888E (Fa0/17)
00:18:28: dot1x-ev:Received an EAPOL frame on interface FastEthernet0/17
00:18:28: dot1x-packet:Rx EAP-Response(Id), id 1, ver 1, len 21 (Fa0/17)
00:18:28: dot1x-packet:Rx sa=0024.1d10.d7c5, da=0180.c200.0003, et 888E (Fa0/17)
00:18:28: dot1x-ev:Couldn't find a supplicant block for mac 0024.1d10.d7c5
00:18:28: dot1x-ev:Couldn't find a supplicant block for mac 0024.1d10.d7c5
00:18:28: dot1x-ev:Found a supplicant block for mac 0000.0000.0000 80D71C74
00:18:28: dot1x_auth Fa0/17: initial state auth_initialize has enter
00:18:28: dot1x-sm:Fa0/17:0024.1d10.d7c5:auth_initialize_enter called
00:18:28: dot1x-ev:auth_initialize_enter:0024.1d10.d7c5: Current ID=0
00:18:28: dot1x_auth Fa0/17: during state auth_initialize, got event 0(cfg_a
uto)
00:18:28: @@@ dot1x_auth Fa0/17: auth_initialize -> auth_disconnected
00:18:28: dot1x-sm:Fa0/17:0024.1d10.d7c5:auth_disconnected_enter_action called
00:18:28: dot1x-sm:
dot1x_update_port_status called with port_status = DOT1X_PORT_STATUS_UNAUTHORIZE
D
00:18:28: dot1x-ev:dot1x_update_port_direction: Updating oper direction for Fa0/
17 (admin=Both, current oper=Both)
00:18:28: dot1x-ev:dot1x_update_port_direction: New oper direction for Fa0/17 is
Both
00:18:28: dot1x-ev:dot1x_port_cleanup_author: cleanup author on interface FastEt
hernet0/17
00:18:28: dot1x-ev:dot1x_update_port_status: Called with host_mode=0 state UNAUT
HORIZED
00:18:28: dot1x-ev:dot1x_update_port_status: using mac 0024.1d10.d7c5 to send po
rt to unauthorized on vlan 0
00:18:28: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:18:28: dot1x-ev:dot1x_port_unauthorized: Host-mode=0 radius/guest vlan=0 on F
astEthernet0/17
00:18:28: dot1x-ev: GuestVlan configured=0
00:18:28: dot1x-ev:supplicant 0024.1d10.d7c5 is last
00:18:28: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:18:28: dot1x-ev:0024.1d10.d7c5 is now unauthorized on port FastEthernet0/17
00:18:28: dot1x-ev:dot1x_port_cleanup_author: cleanup author on interface FastEt
hernet0/17
00:18:28: dot1x-ev:Enter function dot1x_aaa_acct_end
00:18:28: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:18:28: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:18:28: dot1x_auth Fa0/17: idle during state auth_disconnected
00:18:28: @@@ dot1x_auth Fa0/17: auth_disconnected -> auth_connecting
00:18:28: dot1x-sm:Fa0/17:0024.1d10.d7c5:auth_connecting_enter called
00:18:28: dot1x_bend Fa0/17: initial state dot1x_bend_initialize has enter
00:18:28: dot1x-sm:Dot1x Initialize State Entered
00:18:28: dot1x_bend Fa0/17: initial state dot1x_bend_initialize has idle
00:18:28: dot1x_bend Fa0/17: during state dot1x_bend_initialize, got event 1
6383(idle)
00:18:28: @@@ dot1x_bend Fa0/17: dot1x_bend_initialize -> dot1x_bend_idle
00:18:28: dot1x-sm:Dot1x Idle State Entered
00:18:28: dot1x-ev:Created port supplicant block 0024.1d10.d7c5 expected_id=1 cu
rrent_id=1
00:18:28: dot1x-ev:dot1x_post_message_to_auth_sm: cleanup author from interface
FastEthernet0/17
00:18:28: dot1x-ev:dot1x_post_message_to_auth_sm: cleanup author from interface
FastEthernet0/17
00:18:28: dot1x-ev:dot1x_post_message_to_auth_sm: Tx for req_id for supplicant 0
024.1d10.d7c5
00:18:28: dot1x-ev:Transmitting an EAPOL frame on FastEthernet0/17
00:18:28: dot1x-packet:Tx EAP-Request(Id), id 0, ver 1, len 5 (Fa0/17)
00:18:28: dot1x-registry:registry:dot1x_ether_macaddr called
00:18:28: dot1x-packet:Tx sa=000f.24e9.72d1, da=0180.c200.0003, et 888E (Fa0/17)
00:18:28: dot1x-ev:Received an EAPOL frame on interface FastEthernet0/17
00:18:28: dot1x-packet:Rx EAP-Response(Id), id 0, ver 1, len 21 (Fa0/17)
00:18:28: dot1x-packet:Rx sa=0024.1d10.d7c5, da=0180.c200.0003, et 888E (Fa0/17)
00:18:28: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:18:28: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:18:28: dot1x_auth Fa0/17: during state auth_connecting, got event 7(rxRes
pId)
00:18:28: @@@ dot1x_auth Fa0/17: auth_connecting -> auth_authenticating
00:18:28: dot1x-sm:Fa0/17:0024.1d10.d7c5:auth_connecting_exit alled
00:18:28: dot1x-sm:Fa0/17:0024.1d10.d7c5:auth_authenticating_enter called
00:18:28: dot1x-ev:sending AUTH_START to BEND for supp_info=80D7E584
00:18:28: dot1x-sm:Fa0/17:0024.1d10.d7c5:auth_connecting_authenticating_action c
alled
00:18:28: dot1x-ev:Received AuthStart from Authenticator for supp_info=80D7E584
00:18:28: dot1x_bend Fa0/17: during state dot1x_bend_idle, got event 1(auth_
start)
00:18:28: @@@ dot1x_bend Fa0/17: dot1x_bend_idle -> dot1x_bend_response
00:18:28: dot1x-sm:Dot1x Response State Entered for supp_info=80D7E584 hwidb=807
D353C, swidb=807D4898 on intf=Fa0/17
00:18:28: dot1x-ev:Managed Timer in sub-block attached as leaf to master
00:18:28: dot1x-sm:Started the ServerTimeout Timer
00:18:28: dot1x-ev:Going to Send Request to AAA Client on RP for id = 0 and leng
th = 21
00:18:28: dot1x-ev:Got a Request from SP to send it to Radius with id 4294967283
00:18:28: dot1x-ev:Couldn't Find a process thats already handling the request fo
r this id 0
00:18:28: dot1x-ev:Inserted AAA request for interface FastEthernet0/17, MAC 0024
.1d10.d7c5, VLAN 0 on pending request queue
00:18:28: dot1x-ev:Found a free slot at slot 0
00:18:28: dot1x-ev:Found a free slot at slot 0
00:18:28: dot1x-ev:Processing AAA request for interface FastEthernet0/17, MAC 00
24.1d10.d7c5, VLAN 0 from pending request queue
00:18:28: dot1x-ev:Request id = -13 and length = 21
00:18:28: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:18:28: dot1x-ev:The Interface on which we got this AAA Request is FastEtherne
t0/17
00:18:28: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:18:28: dot1x-ev:Username is DUZEY\SAYTAMANER
00:18:28: dot1x-ev:MAC Address is 0024.1d10.d7c5
00:18:28: dot1x-ev:RemAddr is 00-24-1D-10-D7-C5/00-0F-24-E9-72-D1
00:18:28: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:18:30: %LINK-3-UPDOWN: Interface FastEthernet0/17, changed state to up
00:18:46: dot1x-ev:Received an EAPOL frame on interface FastEthernet0/17
00:18:46: dot1x-packet:Rx EAPOL-Start, ver 1, len 0 (Fa0/17)
00:18:46: dot1x-packet:Rx sa=0024.1d10.d7c5, da=0180.c200.0003, et 888E (Fa0/17)
00:18:46: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:18:46: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:18:46: dot1x-ev:RECEIVED mac =0024.1d10.d7c5 and Stored MAC =0024.1d10.d7c5
00:18:46: dot1x_auth Fa0/17: during state auth_authenticating, got event 4(e
apStart)
00:18:46: @@@ dot1x_auth Fa0/17: auth_authenticating -> auth_aborting
00:18:46: dot1x-sm:Fa0/17:0024.1d10.d7c5:auth_aborting_enter called
00:18:46: dot1x-sm:Fa0/17:0024.1d10.d7c5:auth_authenticating_aborting_action cal
led
00:18:46: dot1x-ev:Received DOT1X_MSG_AUTH_ABORT: setting msg_id = 0
00:18:46: dot1x_bend Fa0/17: during state dot1x_bend_response, got event 5(i
nitialize)
00:18:46: @@@ dot1x_bend Fa0/17: dot1x_bend_response -> dot1x_bend_initialize
00:18:46: dot1x-sm:Dot1x Initialize State Entered
00:18:46: dot1x_bend Fa0/17: idle during state dot1x_bend_initialize
00:18:46: @@@ dot1x_bend Fa0/17: dot1x_bend_initialize -> dot1x_bend_idle
00:18:46: dot1x-sm:Dot1x Idle State Entered
00:18:46: dot1x_auth Fa0/17: during state auth_aborting, got event 16(noauth
Abort_noeapLogoff)
00:18:46: @@@ dot1x_auth Fa0/17: auth_aborting -> auth_connecting
00:18:46: dot1x-sm:Fa0/17:0024.1d10.d7c5:auth_connecting_enter called
00:18:46: dot1x-ev:dot1x_post_message_to_auth_sm: Tx for req_id for supplicant 0
024.1d10.d7c5
00:18:46: dot1x-ev:Transmitting an EAPOL frame on FastEthernet0/17
00:18:46: dot1x-packet:Tx EAP-Request(Id), id 1, ver 1, len 5 (Fa0/17)
00:18:46: dot1x-registry:registry:dot1x_ether_macaddr called
00:18:46: dot1x-packet:Tx sa=000f.24e9.72d1, da=0180.c200.0003, et 888E (Fa0/17)
00:18:46: dot1x-ev:Received an EAPOL frame on interface FastEthernet0/17
00:18:46: dot1x-packet:Rx EAP-Response(Id), id 1, ver 1, len 21 (Fa0/17)
00:18:46: dot1x-packet:Rx sa=0024.1d10.d7c5, da=0180.c200.0003, et 888E (Fa0/17)
00:18:46: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:18:46: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:18:46: dot1x-ev:RECEIVED mac =0024.1d10.d7c5 and Stored MAC =0024.1d10.d7c5
00:18:46: dot1x_auth Fa0/17: during state auth_connecting, got event 7(rxRes
pId)
00:18:46: @@@ dot1x_auth Fa0/17: auth_connecting -> auth_authenticating
00:18:46: dot1x-sm:Fa0/17:0024.1d10.d7c5:auth_connecting_exit alled
00:18:46: dot1x-sm:Fa0/17:0024.1d10.d7c5:auth_authenticating_enter called
00:18:46: dot1x-ev:sending AUTH_START to BEND for supp_info=80D7E584
00:18:46: dot1x-sm:Fa0/17:0024.1d10.d7c5:auth_connecting_authenticating_action c
alled
00:18:46: dot1x-ev:Received AuthStart from Authenticator for supp_info=80D7E584
00:18:46: dot1x_bend Fa0/17: during state dot1x_bend_idle, got event 1(auth_
start)
00:18:46: @@@ dot1x_bend Fa0/17: dot1x_bend_idle -> dot1x_bend_response
00:18:46: dot1x-sm:Dot1x Response State Entered for supp_info=80D7E584 hwidb=807
D353C, swidb=807D4898 on intf=Fa0/17
00:18:46: dot1x-ev:Managed Timer in sub-block attached as leaf to master
00:18:46: dot1x-sm:Started the ServerTimeout Timer
00:18:46: dot1x-ev:Going to Send Request to AAA Client on RP for id = 1 and leng
th = 21
00:18:46: dot1x-ev:Got a Request from SP to send it to Radius with id 4294967284
00:18:46: dot1x-ev:Found a process thats already handling therequest for this id
1
00:18:48: dot1x-err:Dot1x Authentication failed (AAA_AUTHEN_STATUS_ERROR)
00:18:48: dot1x-ev:Received VLAN is No Vlan
00:18:48: dot1x-ev:Enqueued the response to BackEnd
00:18:48: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:18:48: dot1x-ev:Enter function dot1x_aaa_acct_end
00:18:48: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:18:48: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:18:48: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:18:48: dot1x-ev:Received QUEUE EVENT in response to AAA Request
00:18:58: dot1x-sm:Fa0/17:0000.0000.0000:dot1x_process_txWhen_expire called
00:18:58: dot1x_auth Fa0/17: during state auth_connecting, got event 19(txWh
en_expire)
00:18:58: @@@ dot1x_auth Fa0/17: auth_connecting -> auth_connecting
00:18:58: dot1x-sm:Fa0/17:0000.0000.0000:auth_connecting_connecting_action calle
d
00:18:58: dot1x-ev:dot1x_post_message_to_auth_sm: Skipping tx for req_id for def
ault supplicant
00:19:07: dot1x-ev:Received an EAPOL frame on interface FastEthernet0/17
00:19:07: dot1x-packet:Rx EAPOL-Start, ver 1, len 0 (Fa0/17)
00:19:07: dot1x-packet:Rx sa=0024.1d10.d7c5, da=0180.c200.0003, et 888E (Fa0/17)
00:19:07: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:19:07: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:19:07: dot1x-ev:RECEIVED mac =0024.1d10.d7c5 and Stored MAC =0024.1d10.d7c5
00:19:07: dot1x_auth Fa0/17: during state auth_authenticating, got event 4(e
apStart)
00:19:07: @@@ dot1x_auth Fa0/17: auth_authenticating -> auth_aborting
00:19:07: dot1x-sm:Fa0/17:0024.1d10.d7c5:auth_aborting_enter called
00:19:07: dot1x-sm:Fa0/17:0024.1d10.d7c5:auth_authenticating_aborting_action cal
led
00:19:07: dot1x-ev:Received DOT1X_MSG_AUTH_ABORT: setting msg_id = 0
00:19:07: dot1x_bend Fa0/17: during state dot1x_bend_response, got event 5(i
nitialize)
00:19:07: @@@ dot1x_bend Fa0/17: dot1x_bend_response -> dot1x_bend_initialize
00:19:07: dot1x-sm:Dot1x Initialize State Entered
00:19:07: dot1x_bend Fa0/17: idle during state dot1x_bend_initialize
00:19:07: @@@ dot1x_bend Fa0/17: dot1x_bend_initialize -> dot1x_bend_idle
00:19:07: dot1x-sm:Dot1x Idle State Entered
00:19:07: dot1x_auth Fa0/17: during state auth_aborting, got event 16(noauth
Abort_noeapLogoff)
00:19:07: @@@ dot1x_auth Fa0/17: auth_aborting -> auth_connecting
00:19:07: dot1x-sm:Fa0/17:0024.1d10.d7c5:auth_connecting_enter called
00:19:07: dot1x-ev:dot1x_post_message_to_auth_sm: Tx for req_id for supplicant 0
024.1d10.d7c5
00:19:07: dot1x-ev:Transmitting an EAPOL frame on FastEthernet0/17
00:19:07: dot1x-packet:Tx EAP-Request(Id), id 2, ver 1, len 5 (Fa0/17)
00:19:07: dot1x-registry:registry:dot1x_ether_macaddr called
00:19:07: dot1x-packet:Tx sa=000f.24e9.72d1, da=0180.c200.0003, et 888E (Fa0/17)
00:19:07: dot1x-ev:Received an EAPOL frame on interface FastEthernet0/17
00:19:07: dot1x-packet:Rx EAP-Response(Id), id 2, ver 1, len 21 (Fa0/17)
00:19:07: dot1x-packet:Rx sa=0024.1d10.d7c5, da=0180.c200.0003, et 888E (Fa0/17)
00:19:07: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:19:07: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:19:07: dot1x-ev:RECEIVED mac =0024.1d10.d7c5 and Stored MAC =0024.1d10.d7c5
00:19:07: dot1x_auth Fa0/17: during state auth_connecting, got event 7(rxRes
pId)
00:19:07: @@@ dot1x_auth Fa0/17: auth_connecting -> auth_authenticating
00:19:07: dot1x-sm:Fa0/17:0024.1d10.d7c5:auth_connecting_exit alled
00:19:07: dot1x-sm:Fa0/17:0024.1d10.d7c5:auth_authenticating_enter called
00:19:07: dot1x-ev:sending AUTH_START to BEND for supp_info=80D7E584
00:19:07: dot1x-sm:Fa0/17:0024.1d10.d7c5:auth_connecting_authenticating_action c
alled
00:19:07: dot1x-ev:Received AuthStart from Authenticator for supp_info=80D7E584
00:19:07: dot1x_bend Fa0/17: during state dot1x_bend_idle, got event 1(auth_
start)
00:19:07: @@@ dot1x_bend Fa0/17: dot1x_bend_idle -> dot1x_bend_response
00:19:07: dot1x-sm:Dot1x Response State Entered for supp_info=80D7E584 hwidb=807
D353C, swidb=807D4898 on intf=Fa0/17
00:19:07: dot1x-ev:Managed Timer in sub-block attached as leaf to master
00:19:07: dot1x-sm:Started the ServerTimeout Timer
00:19:07: dot1x-ev:Going to Send Request to AAA Client on RP for id = 2 and leng
th = 21
00:19:07: dot1x-ev:Got a Request from SP to send it to Radius with id 4294967285
00:19:07: dot1x-ev:Couldn't Find a process thats already handling the request fo
r this id 2
00:19:07: dot1x-ev:Inserted AAA request for interface FastEthernet0/17, MAC 0024
.1d10.d7c5, VLAN 0 on pending request queue
00:19:07: dot1x-ev:Found a free slot at slot 0
00:19:07: dot1x-ev:Found a free slot at slot 0
00:19:07: dot1x-ev:Processing AAA request for interface FastEthernet0/17, MAC 00
24.1d10.d7c5, VLAN 0 from pending request queue
00:19:07: dot1x-ev:Request id = -11 and length = 21
00:19:07: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:19:07: dot1x-ev:The Interface on which we got this AAA Request is FastEtherne
t0/17
00:19:07: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:19:07: dot1x-ev:Username is DUZEY\SAYTAMANER
00:19:07: dot1x-ev:MAC Address is 0024.1d10.d7c5
00:19:07: dot1x-ev:RemAddr is 00-24-1D-10-D7-C5/00-0F-24-E9-72-D1
00:19:07: dot1x-ev:Found a supplicant block for mac 0024.1d10.d7c5 80D7E584
00:19:19: dot1x-registry:dot1x_port_linkchange invoked on interface FastEthernet
0/17
00:19:19: dot1x-ev:supp_info=80D7E584 txWhen_timer=80D7E5D4 quietWhile_timer=80D
7E594reAuthWhen_timer=80D7E5B4 awhile_timer=80D7E5F4
00:19:19: dot1x-ev:destroy supplicant block for 0024.1d10.d7c5
00:19:19: dot1x-ev:supp_info=80D71C74 txWhen_timer=80D71CC4 quietWhile_timer=80D
71C84reAuthWhen_timer=80D71CA4 awhile_timer=80D71CE4
00:19:19: dot1x-ev:destroy supplicant block for 0000.0000.0000
00:19:19: dot1x-ev:Enter function dot1x_aaa_acct_end
00:19:19: dot1x-ev:Found a supplicant block for mac 0000.0000.0000 80D71C74
00:19:19: dot1x-ev:Found a supplicant block for mac 0000.0000.0000 80D71C74
00:19:19: dot1x-ev:dot1x_port_cleanup_author: cleanup author on interface FastEt
hernet0/17
00:19:19: dot1x-ev:dot1x_post_message_to_auth_sm: cleanup author from interface
This is driving me crazy, working on it for a whole week and no results..
Thank you..Hi again,
I have put the config on 2960. Now as soon as the authentication starts, this is the message on debug;
dot1x authentication unable to start - authenticator not enabled..
Any ideas?
regards,
onur -
Does 2950 switch support IP SLA ?
Hi,
I am trying to implement IP SLA.
Can I implement it on layer2 switches?
Regards
skraoThe Cisco 2950 switches seem to suport legacy RTR (Response Time Reporter) NOT IP SLA. SLA has been called various titles during its evolution to SLA. The feature comparison chart below states IP SLA is NOT availalbe on the 2950.
http://packetlife.net/wiki/feature-comparison-catalyst-2950-2960-3550-3560/
Indeed I cannot access IP SLA as a cmd under either 12.1(14)EA1a or 12.1(22)EA13 on the 2950 switches I have available! IP SLA is however available on the 3550 switches I am running!
I suggest it may well be the case that the 2950s use the RTR command instead.
http://www.cisco.com/en/US/docs/ios/12_3t/fun/command/reference/cfrgt_10.html
Information generally though for RTR is scarce, because I suggest of Search Engine 'bleed' referencing RTR as 'Router'!
My advice is to explore RTR
https://supportforums.cisco.com/thread/2152754
...work with what is availalable rather than dwelling on what is not, or choose to revise just the theory...if your need is mostly for exams.
The good news is ALS1|(config)#RTR responder
...reportedly works just as well as #ip sla responder
http://mellowd.co.uk/ccie/?p=649
Please login & rate this comment>>>so as to highlight the issue I hope as SOLVED -
Can't open console to 2950 switch
Howdy all,
I'm after inheriting a cisco 2950 switch in my new job and I do not know the enable password for it. I went about following the "password recovery procedure" but am getting nowhere.
http://www.cisco.com/warp/public/474/pswdrec_2500.html
I have tried connecting to the switch after powering it up but cannot open a session over the console port. I've tried using both COM ports on my laptop with all the variations of the flow control setting but no joy.
I took a look at an old config file that was saved on the network for the switch and found this at the end:
LINE CON 0
TRANSPORT INPUT NONE
Is this stopping me from completing the password reset when the switch is booting up??? All advice welcomed.
Regards,
PaddyIrishmanHI Paddy, [Pls Rate if HELPS]
"Transport Input None" command will prevent you from accessing the Device.
Refer link below for CISCO 2950 Swtich Password Recovery Procedure Document:
http://www.cisco.com/warp/public/474/pswdrec_2900xl.html
Refer step by step procedure (quick ref):
1. Unplug the power cable
2. Hold down the mode button while replugging the power cable
3. Type flash_init over the console
4. Type load_helper
5. Type Dir flash:
//make sure to type the semi-colons
6. Type rename flash:config.tdt flash:config.old
//the password is contained in the config.txt fil.e
7. Type boot
//this reboots the system
8. Type n to skip the initial setup config
9. Type enable
//this takes you to the enable mode
10. Type rename flash:config.old flash:config.txt
11. Save config.txt to system
#copy flash:config.txt system:running-config
12. Enter config mode and change the password
#cofig t
#no enable secret
//this applies only if the enable secret password was created
13. Finally write the changes to memory
#write memory
PLS RATE if HELPS
Best Regards,
Guru Prasad R -
i have a cisco 2950 switch.in the network which i want to create out of 24 ports i want two ports should be isolated from all other ports. and there should be only two ports among the remaining which can access those two ports and and also communicate with rest.
Hi Kalyan,
What u mean by accessing the ports???? If it just passing the traffic means you better configure those two ports in a single vlan each. and other ports in a different vlan.
But if u want to have two ports which needs to pass all traffic, better be in trunk mode allowing all the three vlans.
You can pass the three vlans thro. this two ports but if you want commuicate between vlans, you should have either L3 device or router to do the intervlan traffic.
Rate if it helps
Rgs, -
I have 2 Cisco 2950 switches one for each network in my office. One switch is full the other only has 8 ports used. Since both swithches are 24 port I though I might be able to split the switch on the underused network and allocate 12 ports on it to the other busy network.
I assume I have to create 2 Vlans on the switch, but can I assign 1 vlan with the same IP as the other switch and simply patch them together.Hi Mark,
first of all i have a question.... Why do u need ip adresses on your switch? just to manage them?
If so here is my suggestion...
u should assign 3 vlans not 2... make one of them your management vlan and assing an ip addresses from a diffent subnet than your nodes. Then configure a trunk between the two switches. Remember to make your management vlan the native vlan (switchport trunk native vlan ).
Next u assign each port to the appropriate vlan and your done.
If u manage the switches via console port, forget about ip adresses... u dont need one. just make two vlans and assign the ports (dont forget the trunk).
Regards,
Sebastian -
Cisco 2950 trunk s shutdown problem
i have a network on fiber.i have use cisco 2950 switches in that topolgy.my problem is that sometimes the trunk ports automatically shutdown which creates a lot of problem.when the ports shutdown the cpu usage of switch goes to 66.normally it remains at 30.secondly i give redunant path to every vlan and now the vlan spanning tree has stopped because cisco 2950 doesnot support more than 64 stp.
What could be the problem?or iam thinking about the bandwidth..How much bandwidth does cisco 2950 switch can max carry?
Posted by WebUser Umair Zia from Cisco Support Community AppIf the trunk port went into shutdown, then there's gotta be a reason why.
Can you post the output to the command "sh post" particularly the time when the port went "down"? -
Duplex Mismatch when connecting ip phone with 2950 switch
When I connect my Cisco IP Phone 7960 with 2950 Switch (any access port within voice vlan), I get the message on Port duplex mismatch but the phone works properly.
From my switch the speed setting is 100/Full but from the Phone its Auto.
My Question is when I try to change duplex settings from Phone, it doesn't gives me any option instead only one option available to save so kindly someone tell me the best way to fix this from Phone or do I have to change the duplex from switch to AUTO ?Thanks but When I connect with my Cisco 2950 Switch, I can see the weird kind of language as per my attachment.
It wasn't yesterday when I first configured from scratch but just seen today.
Switch is working good with Cisco IP phone connected with it.
Maybe you are looking for
-
I can no longer connect my N86 to my PC to sync th...
It just won't connect to the computer. I click to connect my device (on Ovi) and it says to connect using the USB lead then it says it doesn't recognise and to try again. Please help, I have loads of photos on the phone now and I want to download the
-
Progress Bar, or put it Busy mode
Hi, I want to set the Progress bar in Busy mode,while we are going from one page to other page. i.e When clicking the button,it shows the process is busy.Before going to that particular page it shows the message like"The page is opened".How To put th
-
How to I link Slaes Orders and Price Assurances - Table VBAK Field AUART
Hello, Using T-code VA43 I can enter a contract number (we call it a Price Assurance#) and then I can see the information I need 1 for one. I can also pull this info out of the VBAK and VBAP tables using the doc type ZQ in the field AUART. What I a
-
Adobe CC desktop not displaying apps panel
Just downloaded free version of CC desktop app onto Macbook Pro running OS X 10.9.5 (Mavericks). Am trying to download trial version of Premiere Pro CC, but when I launch CC from the menu bar the Apps panel just shows a spinning wheel, as if it's try
-
I have recently had to reformat my MacBook Pro internal disk and restore from a time machine backup. Unfortunately a lot of my music was not in the time machine backup. Some of the lost music still exists on my iPad. My question is: what happens when