Switch command of 2960 switches

I have 1 switch 2960 24TC S. i updated the iOS to 15.0.2 . i want to configuration with the command: 
authentication event server dead action reintialize vlan 
but the command of the switch show me i can only configure: event fail or non-response 
i read some article that this switch do support the command: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/15-0_1_se/command/reference/cr_2960/cli1.html
Any idea for fix it ? 

I think the actual deployed number is coming out to 6, but with this customer, you never can tell.  :)
I came in to this well after the architecture was planned and sold to the customer, now it is just a matter of making it work.
It should not be too bad, considering the stacks are backed by 10gb uplinks to the core and the port-channels are to bond the ports to the workstations, so at least we are not hanging more switching off of them.
Thanks for the info,

Similar Messages

  • Can not administer Catalyst 2960 switch via console

    Hello,
    I want to configure my switch via console cable, the switch boots up normally, and there are no configurations present on the switch.  However, anything I type does not appear on the terminal client.  I used several terminal clients (TeraTerm, PuTTY, HyperTerminal), all latest versions as well as different PCs.  I even forced the switch to rommon mode, still, anything I type does not appear on the terminal client.
    Here's the output of TeraTerm:
    Boot Sector Filesystem (bs) installed, fsid: 2
    Base ethernet MAC Address: e8:40:40:06:f0:80
    Xmodem file system is available.
    The password-recovery mechanism is enabled.
    Initializing Flash...
    flashfs[0]: 542 files, 19 directories
    flashfs[0]: 0 orphaned files, 0 orphaned directories
    flashfs[0]: Total bytes: 32514048
    flashfs[0]: Bytes used: 11565056
    flashfs[0]: Bytes available: 20948992
    flashfs[0]: flashfs fsck took 11 seconds.
    ...done Initializing Flash.
    done.
    Loading "flash:/c2960-lanbasek9-mz.122-50.SE5/c2960-lanbasek9-mz.122-50.SE5.bin"...@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    File "flash:/c2960-lanbasek9-mz.122-50.SE5/c2960-lanbasek9-mz.122-50.SE5.bin" uncompressed and installed, entry point: 0x3000
    executing...
                  Restricted Rights Legend
    Use, duplication, or disclosure by the Government is
    subject to restrictions as set forth in subparagraph
    (c) of the Commercial Computer Software - Restricted
    Rights clause at FAR sec. 52.227-19 and subparagraph
    (c) (1) (ii) of the Rights in Technical Data and Computer
    Software clause at DFARS sec. 252.227-7013.
               cisco Systems, Inc.
               170 West Tasman Drive
               San Jose, California 95134-1706
    Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 12.2(50)SE5, RELEASE SOFTWARE (fc1)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2010 by Cisco Systems, Inc.
    Compiled Tue 28-Sep-10 13:44 by prod_rel_team
    Image text-base: 0x00003000, data-base: 0x01400000
    Initializing flashfs...
    fsck: Disable shadow buffering due to heap fragmentation.
    flashfs[1]: 542 files, 19 directories
    flashfs[1]: 0 orphaned files, 0 orphaned directories
    flashfs[1]: Total bytes: 32514048
    flashfs[1]: Bytes used: 11565056
    flashfs[1]: Bytes available: 20948992
    flashfs[1]: flashfs fsck took 2 seconds.
    flashfs[1]: Initialization complete....done Initializing flashfs.
    Checking for Bootloader upgrade.. not needed
    POST: CPU MIC register Tests : Begin
    POST: CPU MIC register Tests : End, Status Passed
    POST: PortASIC Memory Tests : Begin
    POST: PortASIC Memory Tests : End, Status Passed
    POST: CPU MIC interface Loopback Tests : Begin
    POST: CPU MIC interface Loopback Tests : End, Status Passed
    POST: PortASIC RingLoopback Tests : Begin
    POST: PortASIC RingLoopback Tests : End, Status Passed
    POST: PortASIC CAM Subsystem Tests : Begin
    POST: PortASIC CAM Subsystem Tests : End, Status Passed
    POST: PortASIC Port Loopback Tests : Begin
    POST: PortASIC Port Loopback Tests : End, Status Passed
    Waiting for Port download...Complete
    This product contains cryptographic features and is subject to United
    States and local country laws governing import, export, transfer and
    use. Delivery of Cisco cryptographic products does not imply
    third-party authority to import, export, distribute or use encryption.
    Importers, exporters, distributors and users are responsible for
    compliance with U.S. and local country laws. By using this product you
    agree to comply with applicable laws and regulations. If you are unable
    to comply with U.S. and local laws, return this product immediately.
    A summary of U.S. laws governing Cisco cryptographic products may be found at:
    http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
    If you require further assistance please contact us by sending email to
    [email protected].
    cisco WS-C2960-24TT-L (PowerPC405) processor (revision J0) with 65536K bytes of memory.
    Processor board ID FOC1510X4ZQ
    Last reset from power-on
    1 Virtual Ethernet interface
    24 FastEthernet interfaces
    2 Gigabit Ethernet interfaces
    The password-recovery mechanism is enabled.
    64K bytes of flash-simulated non-volatile configuration memory.
    Base ethernet MAC Address       : E8:40:40:06:F0:80
    Motherboard assembly number     : 73-12600-05
    Power supply part number        : 341-0097-03
    Motherboard serial number       : FOC15094MZG
    Power supply serial number      : DCA150583WQ
    Model revision number           : J0
    Motherboard revision number     : A0
    Model number                    : WS-C2960-24TT-L
    System serial number            : FOC1510X4ZQ
    Top Assembly Part Number        : 800-32797-01
    Top Assembly Revision Number    : F0
    Version ID                      : V09
    CLEI Code Number                : COM3L00BRE
    Hardware Board Revision Number  : 0x0A
    Switch Ports Model              SW Version            SW Image
    *    1 26    WS-C2960-24TT-L    12.2(50)SE5           C2960-LANBASEK9-M
    Press RETURN to get started!
    *Mar  1 00:00:31.381: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down
    *Mar  1 00:00:32.556: %SPANTREE-5-EXTENDED_SYSID: Extended SysId enabled for type vlan
    *Mar  1 00:00:35.802: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan99, changed state to down
    *Mar  1 00:00:35.861: %SYS-5-CONFIG_I: Configured from memory by console
    *Mar  1 00:00:36.012: %SYS-5-RESTART: System restarted --
    Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 12.2(50)SE5, RELEASE SOFTWARE (fc1)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2010 by Cisco Systems, Inc.
    Compiled Tue 28-Sep-10 13:44 by prod_rel_team
    *Mar  1 00:00:36.037: %SSH-5-ENABLED: SSH 1.99 has been enabled
    *Mar  1 00:00:37.060: %LINK-5-CHANGED: Interface FastEthernet0/6, changed state to administratively down
    *Mar  1 00:00:37.094: %LINK-5-CHANGED: Interface FastEthernet0/7, changed state to administratively down
    *Mar  1 00:00:37.127: %LINK-5-CHANGED: Interface FastEthernet0/8, changed state to administratively down
    *Mar  1 00:00:37.161: %LINK-5-CHANGED: Interface FastEthernet0/9, changed state to administratively down
    *Mar  1 00:00:37.195: %LINK-5-CHANGED: Interface FastEthernet0/10, changed state to administratively down
    *Mar  1 00:00:37.228: %LINK-5-CHANGED: Interface FastEthernet0/11, changed state to administratively down
    *Mar  1 00:00:37.262: %LINK-5-CHANGED: Interface FastEthernet0/12, changed state to administratively down
    *Mar  1 00:00:37.362: %LINK-5-CHANGED: Interface FastEthernet0/13, changed state to administratively down
    *Mar  1 00:00:37.362: %LINK-5-CHANGED: Interface FastEthernet0/14, changed state to administratively down
    *Mar  1 00:00:37.362: %LINK-5-CHANGED: Interface FastEthernet0/15, changed state to administratively down
    *Mar  1 00:00:37.404: %LINK-5-CHANGED: Interface FastEthernet0/16, changed state to administratively down
    *Mar  1 00:00:37.446: %LINK-5-CHANGED: Interface FastEthernet0/17, changed state to administratively down
    *Mar  1 00:00:37.488: %LINK-5-CHANGED: Interface FastEthernet0/18, changed state to administratively down
    *Mar  1 00:00:37.497: %LINK-5-CHANGED: Interface FastEthernet0/19, changed state to administratively down
    *Mar  1 00:00:37.539: %LINK-5-CHANGED: Interface FastEthernet0/20, changed state to administratively down
    *Mar  1 00:00:37.572: %LINK-5-CHANGED: Interface FastEthernet0/21, changed state to administratively down
    *Mar  1 00:00:37.606: %LINK-5-CHANGED: Interface FastEthernet0/22, changed state to administratively down
    *Mar  1 00:00:37.639: %LINK-5-CHANGED: Interface FastEthernet0/23, changed state to administratively down
    *Mar  1 00:00:37.673: %LINK-5-CHANGED: Interface FastEthernet0/24, changed state to administratively down
    *Mar  1 00:00:37.690: %LINK-5-CHANGED: Interface GigabitEthernet0/1, changed state to administratively down
    *Mar  1 00:00:37.715: %LINK-5-CHANGED: Interface GigabitEthernet0/2, changed state to administratively down
    After the last line, I can not type any command at all.  I encountered this on three 2960 switches that we have here in our laboratory.  Can anybody help me on how I can get access to the switch via console?
    Thanks in advance.

    Have You Check your console Cable.
    also
    If u are using USB to Serial check driver are properly installed.
    else
    See Helpful Cisco Documentation
    http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a008010ff7a.shtml
    Do Rate Helpful Posts

  • Aironet 1142 as supplicant to 2960 switch (NEAT/CISP/MAB)

    Hello!
    First, my configuration, (then the problem down below):
    I have an Aironet 1142 with mulitple SSIDs [mapped to VLANs] connected to Gi1/0/2 on a 2960 switch in a user-accessible area.  This switch is uplinked to another 2960 switch in a wiring closet, and the Microsoft NPS server is connected to the wiring closet 2960.
    Aironet -- 2960 [user area] --- 2960 [closet] -- NPS RADIUS
    I have the user-area 2960 configured as an authenticator switch for dot1x, and port Gi1/0/2 is authenticating the Aironet via MAB to RADIUS.  RADIUS is sending VSA device-traffic-class=switch to the 2960.  The closet-2960 has no special 802.1x configuration, nor is it an authenticator swtich; it just has a manually-configured trunk port to the user-area 2960 [for now; i'm trying to take this one step at a time!].
    The user-area 2960 correctly converts port Gi1/0/1 to a trunk port when the Aironet is authenticated [via MAB].  The Aironet boots up, the port is opened, I can ping the Aironet on the native VLAN, and all is well [so it seems].  The Aironet's dot11Radio is configured for two SSIDs and mapped to VLANs, which are being spanned via STP thru the user-area 2960 and the closet-2960.  STP is correct and verified on all switches.
    I have DHCP snooping configured on the user-area 2960 but only for VLAN 1 [but NOT the wireless user VLANs], the trunk port to the closet 2960 is a trusted port.  Hosts on the wired ports on the user-area 2960 are able to get DHCP IPs.  On the Aironet, "show dot11 associations" shows hosts on the SSIDs are getting DHCP addresses.  Again, I am *NOT* running dhcp snooping on wireless SSID VLANs [i read elsewhere that can cause problems as users roam between Aironets].
    I do have CISP configured on the user-area 2960.  I do not have CISP configured on the closet-2960 [best I can tell, that's not required at this stage, but I could be wrong].
    Despite the alleged documentation, I could not get the Aironet to use a dot1x credentials profile to authenticate to NPS/RADIUS as an 802.1x supplicant, which is why I resorted to MAB for this exercise.  The Aironet simply would not run dot1x [best I could tell].  The documentation and configuration didn't seem complex, so I was quite confused.
    I have upgraded the Aironet to the latest 12.4(25d)JA2 software, and the 2960 is at 12.2(55)SE7 [i saw 12.2(58) has some issues, but i'm willing to be persuaded otherwise, based on sound advice].
    Ok, now the problem:  
    Users on the guest wireless SSID (Vlan 20) say they cannot connect.  Yep, classic.  VLAN 20 is trunked and spanned to all the sufficient places.  The Aironet shows users in the associations list for that SSID with IP addresses from the DHCP server!  DHCP snooping is not configured on that VLAN. 
    I read another support forum post saying CISP and MAB could cause problems with "disappearing" ARP entries.  I appear to have that problem.  However, the user on the Staff wireless (VLAN 10) has full access.  Am I running into a problem with "multi-host" authentication config?  Via tcpdump on my firewall, I see nothing but broadcast and multicast traffic coming from a host on VLAN 20.  What puzzles me is how I do see *SOME* traffic from a VLAN 20 host on this SSID, but no unicast traffic! Argh!
    Since you're going to ask, here is my port config for this AP on the 2960 authenticator switch in the user-area, and the AAA config pieces:
    #sh run br | in ip dhcp          
    ip dhcp snooping vlan 1
    no ip dhcp snooping information option
    ip dhcp snooping database flash:dhcp_snoop.txt
    ip dhcp snooping
    #sh ip dhcp snoop
    Switch DHCP snooping is enabled
    DHCP snooping is configured on following VLANs:
    1
    DHCP snooping is operational on following VLANs:
    1
    DHCP snooping is configured on the following L3 Interfaces:
    Insertion of option 82 is disabled
       circuit-id default format: vlan-mod-port
       remote-id: ccd5.3947.7980 (MAC)
    Option 82 on untrusted port is not allowed
    Verification of hwaddr field is enabled
    Verification of giaddr field is enabled
    DHCP snooping trust/rate is configured on the following Interfaces:
    Interface                  Trusted    Allow option    Rate limit (pps)
    GigabitEthernet1/0/46      no         no              15       
      Custom circuit-ids:
    GigabitEthernet1/0/48      yes        yes             unlimited
      Custom circuit-ids:
    GigabitEthernet1/0/52      yes        yes             unlimited
      Custom circuit-ids:
    #sh run br | incl aaa auth
    aaa authentication login default local group rad_eap
    aaa authentication dot1x default group radius
    aaa authorization console
    aaa authorization exec default local group rad_eap
    aaa authorization network default group rad_eap local
    #sh run int gi1/0/2
    interface GigabitEthernet1/0/2
    description Wireless Access Points
    switchport mode trunk
    switchport nonegotiate
    srr-queue bandwidth share 1 30 35 5
    srr-queue bandwidth limit 50
    priority-queue out
    authentication host-mode multi-host
    authentication order mab dot1x
    authentication port-control auto
    authentication violation restrict
    mab
    mls qos trust cos
    macro description CISCO_WIRELESS_AP_EVENT
    auto qos trust
    spanning-tree portfast
    #sh int gi1/0/2 sw
    Name: Gi1/0/2
    Switchport: Enabled
    Administrative Mode: trunk
    Operational Mode: trunk
    Administrative Trunking Encapsulation: dot1q
    Operational Trunking Encapsulation: dot1q
    Negotiation of Trunking: Off
    Access Mode VLAN: 1 (default)
    Trunking Native Mode VLAN: 1 (default)
    Administrative Native VLAN tagging: enabled
    Voice VLAN: none
    Administrative private-vlan host-association: none
    Administrative private-vlan mapping: none
    Administrative private-vlan trunk native VLAN: none
    Administrative private-vlan trunk Native VLAN tagging: enabled
    Administrative private-vlan trunk encapsulation: dot1q
    Administrative private-vlan trunk normal VLANs: none
    Administrative private-vlan trunk associations: none
    Administrative private-vlan trunk mappings: none
    Operational private-vlan: none
    Trunking VLANs Enabled: ALL
    Pruning VLANs Enabled: 2-1001
    Capture Mode Disabled
    Capture VLANs Allowed: ALL
    Protected: false
    Unknown unicast blocked: disabled
    Unknown multicast blocked: disabled
    Appliance trust: none
    #sh auth sess int gi1/0/2
                Interface:  GigabitEthernet1/0/2
              MAC Address:  acf2.c5f2.8e27
               IP Address:  10.100.32.42
                User-Name:  acf2c5f28e27
                   Status:  Authz Success
                   Domain:  DATA
           Oper host mode:  multi-host
         Oper control dir:  both
            Authorized By:  Authentication Server
               Vlan Group:  N/A
          Session timeout:  N/A
             Idle timeout:  N/A
        Common Session ID:  0A64200B00000CDA41AFBEDF
          Acct Session ID:  0x00000D00
                   Handle:  0xDE000CDA
    Runnable methods list:
           Method   State
           mab      Authc Success
           dot1x    Not run
    #sh mab int gi1/0/2
    MAB details for GigabitEthernet1/0/2
    Mac-Auth-Bypass           = Enabled
    #sh int trunk
    Port        Mode             Encapsulation  Status        Native vlan
    Gi1/0/1     on               802.1q         trunking      1
    Gi1/0/2     on               802.1q         trunking      1
    Gi1/0/48    on               802.1q         trunking      1
    Gi1/0/52    on               802.1q         trunking      1
    Port        Vlans allowed on trunk
    Gi1/0/1     1-4094
    Gi1/0/2     1-4094
    Gi1/0/48    1-2,10,20
    Gi1/0/52    1-2,10,20
    Port        Vlans allowed and active in management domain
    Gi1/0/1     1-2,10,20
    Gi1/0/2     1-2,10,20
    Gi1/0/48    1-2,10,20
    Gi1/0/52    1-2,10,20
    Port        Vlans in spanning tree forwarding state and not pruned
    Gi1/0/1     1-2,10,20
    Gi1/0/2     1-2,10,20
    Gi1/0/48    2
    Gi1/0/52    1-2,10,20
    Ok, what am I missing??

    The problem lies in the wired Ethernet port on the Aironet.  I did not submit that configuration because I thought it was simple and unrelated.  Here is what I had:
    interface GigabitEthernet0.20
    encapsulation dot1Q 20
    no ip route-cache
    bridge-group 20
    no bridge-group 20 source-learning
    no bridge-group 20 unicast-flooding
    bridge-group 20 spanning-disabled
    The correct configuration should have been:
    interface GigabitEthernet0.20
    encapsulation dot1Q 20
    no ip route-cache
    bridge-group 20
    no bridge-group 20 source-learning
    bridge-group 20 spanning-disabled
    The line "no bridge-group 20 unicast-flooding" should not be applied to the wired port.  That's stupid.   With that erroneous command, the wired port will forward only broadcast and multicast traffic!  Unicast traffic will be dropped.  Oops.
    However, I do not understand why applying this to the radio interfaces has no effect there.  I have yet to find any conclusive detailed answers, either.  Regardless, my original problem is fixed.

  • Catalyst 2960 POE Switch Consumption Mode

    Hi,
    I'm curious how I can configure a 2960 to function in POE consumption mode. I know with other switches you can explicitly configure them to only give devices the power they consume and not power based on what class the belong to.
    I have read that the following command should do what I need:
    power inline consumption wattage
    ...although I would have thought I wouldn't need to specify the wattage if I wanted the device to tell the switch how much power it needs.
    Thanks

    Hi,
    The "power inline consumption" command is a global config that applies to the entire switch to override the default:
    from the command reference guide
    Use the power inline consumption global or interface configuration command on the switch stack or on a standalone switch to override the amount of power specified by the IEEE classification for the device by specifying the wattage used by each powered device. Use the no form of this command to return to the default power setting.
    http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750e_3560e/software/release/12-2_44_se/command/reference/cr1/cli1.html#wp8821622
    HTH

  • Catalyst 2960 switch

    Hi all,
    I'm using switch Catalyst 2960. I use pc for console, I want to packet from a device to switch, I saw that Switch only receive bytes but not receive packets, I don't know why? I console switch, " show interfaces stats". Thank you very much.

    Post the complete output to the command "sh interface <BLAH>".

  • AAA configuration on switches 2960

    Hi
    I have introduced the following configuration of AAA in the switches of series 2950 and works very well,
    but when I do the same in switches 2960, the local password does not work and it is obligatory to introduce the switch in the ACS to have management of the switch.
    Is needed some additional configuration of AAA in switches 2960?
    Thanks.
    tacacs-server host y.y.y.y
    tacacs-server key xxxxx
    aaa new-model
    aaa authentication login acceso-consola group tacacs+ line
    aaa authentication login acceso-telnet group tacacs+ line
    aaa authentication enable default group tacacs+ enable
    aaa authorization commands 1 default group tacacs+ if-authenticated
    aaa authorization commands 15 default group tacacs+ if-authenticated
    aaa accounting commands 1 default start-stop group tacacs+
    aaa accounting commands 15 default start-stop group tacacs+
    line con 0
    exec-timeout 0 0
    login authentication acceso-consola
    line vty 0 4
    login authentication acceso-telnet

    Maria
    Perhaps some clarification of your environment might help us. In particular it would help to understand how you produce the "without ACS" environment.
    Clearly the switch is still configured for ACS. And clearly there is connectivity from the switch to the ACS. And the ACS is responding to the authentication request from the switch. I am not sure what the errno 254 represents or what on the ACS server causes it. Perhaps you can help us understand that?
    I had a situation at one point that may have been similar to your situation. Our devices were sending requests to ACS. But ACS was not able to communicate with the external DB because one of the services on ACS was not running. ACS responded with an error indicating unable to process. But the IOS devices were not interpreting that as an error that should send them to the backup authentication method.
    If you are stopping something on the ACS server then I would suggest that a better test would be to break IP connectivity between the switch and the ACS so that the switch receives no response to its request or to change the configured IP address for the server in the switc and point to some device not running ACS so that the switch receives a port unreachable response to its request. Those would give you a better test of without ACS.
    HTH
    Rick

  • 3560G and 2960 switch CPU loading

    Hi all,
    I'm using PRTG monitoring switchs performance, the core switch 3560G CPU is 75% and outsite switch 2960 CPU is 25%, is it high loading of those switch ?
    Thanks

    Hi Leo
    I have attached PRTG report and Cisco show proc memory command to you, thanks for help.
    3560G
    Processor Pool Total:   94334556 Used:   14594348 Free:   79740208
          I/O Pool Total:    8380416 Used:    3587708 Free:    4792708
    Driver te Pool Total:    1048576 Used:         40 Free:    1048536
    2960
    Processor Pool Total:   34988900 Used:    8256776 Free:   26732124
          I/O Pool Total:    4186112 Used:    1641672 Free:    2544440
    Driver te Pool Total:    1048576 Used:         40 Free:    1048536

  • Switch 2960-S

    Good evening,
    I have purchased a new 2960 - S switch catalyst and have configured one SVI (interface -Layer 3). But my problem is that can't to use the show ip route command on this model.
    This device has the universalk9 flash.
    Thanks in advance!

    You won't be able to, because it's a L2 switch, i.e. it cannot route!
    Martin

  • Increasing TFTP block size for 2960 series switches

    I have read that some Cisco components can increase the default TFTP block size to values greater than 512 bytes by using the command -
    ip tftp blocksize xxxx
    This doesn't seem to be available on Cisco 2960 series switches. Is there a way to do this with the 2960's?

    I have moved a WS-C2960-24LC-S running LanLite to 12.2(55)SE9 - the current end of the line for this switch - and indeed the command is not present. Sooo....this appears to be a limitation of LanLite.
    My predecessor implemented about 70 switches with LanLite. I put a stop to this about a year ago but it is going to take some time to flush them out of the inventory.
    Thanks for your response.

  • Siemens HiPath PBX not answering when connected in 2960 class switches

    Hi guys,
    I have some HiPath PBXs connected in the network using a dedicated VLAN.
    While their uplink is a UTP port in any 2950 class Cisco switch, everything is working fine.
    When replacing the switch with a newer 2960 class. not working anymore.
    Moving back to 2950 - start working again.
    Switches have same VLAN configuration, port configuration... everything identical except switch model.
    This happens for HiPath 4000 as well as HiPath 3000 PBXs.
    If any idea on this... much appreciated.
    Thank you,
    Catalin

    Hi Andras,
    Just looked at them on the 2960 switch, but I can't make anything as being an issue. Pasted here below.
    On the old 2950, I can only see that interface is configured in the same vlan 15 - all that was shown - does not recognize "sh run all" command.
    Many thanks!
    interface GigabitEthernet1/0/24
     description HiPath local
     switchport
     switchport access vlan 15
     no switchport nonegotiate
     no switchport protected
     no switchport block multicast
     no switchport block unicast
     no ip arp inspection trust
     ip arp inspection limit rate 15 burst interval 1
     ip arp inspection limit rate 15
     no shutdown
     duplex full
     ipv6 mld snooping tcn flood
     snmp trap mac-notification change added
     snmp trap mac-notification change removed
     snmp trap link-status
     mls qos cos 0
     cdp tlv location
     cdp tlv server-location
     cdp tlv app
     spanning-tree port-priority 3
     spanning-tree cost 3
     ip igmp snooping tcn flood

  • 2960-S switch firmware upgrade path ?

    Hello, I have a stack of three 2960-S switches. They are currently running ' Version 12.2(53)SE2, RELEASE SOFTWARE (fc3'.
    Is it OK to do a direct upgrade to 'c2960s-universalk9-tar.122-58.SE2' ? or is an incremental upgrade required ?
    I understand I simply upgrade this to the master switch in the stack and it then propagates to the other switches.
    Is there anything else important I need to be aware of ?
    Thanks for any advice.

    You can upgrade directly to that version of code.  Just be sure to use the archive download-sw command and it will transfer the image to all switches in the stack.  Good luck!

  • 2960s switch gui and smartport user defined macro

    Hi,
    I have a few 2960s switches and would like to use the GUI to configure ports using the smartport function. These seem to be based on predefined macro's which I can't edit. I have created my own macro, how do I enable the macro in the GUI so I can use the use my own macro?
    Regards,
    Paul

    Ok, SmartPort macro is now a HIDDEN command, since 12.2(58)SE and later.  
    If you've got a macro you want to use, you have to enter it using CLI.  Here's how you do it: 
    config t
    macro name <BLAH>
    [ENTER YOUR MACRO HERE]
    [Use the "@" to end your macro]
    end
    To envoke the macro: 
    config t
    interface <BLAH>
    macro apply <MACRO NAME>
    end
    To view the macro: 
    sh pars macro name <MACRO NAME>

  • How to priorities(QoS) the traffic for DSCP 46 and 34 in cisco 2960s switch

    HI,
    We are going to implement Microsoft Lyncs 2013 in our network, so how to priorities the traffic for DSCP 46 and 34 in cisco 2960s switch. Kindly replay with detailed QoS commands for enabling QOs in LAN.
    Thanks
    Sujish

    Hi,
    Have a look at this config guide for all the details:
    http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_53_se/configuration/guide/2960scg/swqos.html
    HTH

  • How to connet cisco 2960S switch to sony nexus 7?

    I want to buy an cisco WS-C2960S-24TS-S switch to help me solve business networking problem. Can someone help me to connect cisco 2960s switch to nexus 7 ?

    I don't need to do anything config on the new switch, I just need to upgrade the new switch's IOS version as the existing stack.
    Correct.  Upgrade using the command "archive download-sw" instead copying the BIN files.  
    After doing above task, I connect all stack cable and power cord as you said, and then the new switch can be synchronized with the MASTER switch. right??
    Correct.  The new switch should NOT have any configuration.  This includes VLAN.dat file.

  • Half Duplex/100M problem on 2960 switch with GLC-GE-100FX

    We have a 2960-24TC switch with GLC-GE-100FX SFP interface converter. We connected the switch to another switch through fiber, one end was GLC-GE-100FX and the other end was a 100/FULL ATI media converter. Both switches could talk to each other. The problem was the GLC-GE-100FX interface running at 100M/half duplex status and we couldn't change the port configuration. Is there a way to fix this problem? Your help would be much appreciated.

    Using show interface command. It shows half duplex. It's a new design on Cisco 2960-24TC switches, the Giga uplink ports are dual purposed. When I plugged GLC-GE-100FX SFP interface converter and connected it to a media converter, it showed half duplex. There's no way I could change the speed and duplex under that configuration.

Maybe you are looking for