WYSE terminals, 802.1x, Cisco 3560, Dell Servers

1)We are having an issue with our WYSE terminals where users can attempt to login before they are device is 802.1x authenticated.
2) We have Dell Servers with Broadcom Gigabit NiCs. To run at 1000 Full, the card has to be configured for Auto, so I would assume that the switch should be set for auto going by best practices. However, outside vendors are saying that they read that the switch port should be locked at 1000 Full. Please share your thoughts.

GB ports will support auto-negotiation for flowControl but should be set 1000mb statically if you required GB port speed.
do not set your ports to auto, force them to 1GB. (standard practice; my preference)
the ealiest implementations of GB ports did not support 'auto' as a speed type and you only had one option, 1000mb.
todays cisco switches have the ability to set 'auto' for GB speeds but i personally stay away from that and use static settings for GB ports and at most, negotiate the flowControl.
i think it a good practice to statically set your routed ports, server ports, etc. but the ability to 'auto' GB is in todays switches, so it should be possible for you to set it to 'auto' and it work as expected.

Similar Messages

  • How to configure a Cisco 3560 with MAC-based 802.1x authentication by radius server

    Hi dearI 
    How can I configure a Cisco 3560 to authenticate a client based on its mac address with 802.1x and radius server. Many tanks in advance!

    Olivier,
    You can't reference WLP visitor roles in weblogic.xml, but you can
    reference global roles (created using the WLS console):
    - <security-role-assignment>
    <role-name>PortalSystemAdministrator</role-name>
    <externally-defined />
    </security-role-assignment>
    -Phil
    "Olivier" <[email protected]> wrote in message
    news:[email protected]..
    >
    We need to have login page to our portal app.
    When using "form based" authentication is it possible to map the securityon a
    "entitlement role" ?
    Our need is to be abled to give direct url acces to some pages of theportal (for
    exemple by sending urls like"http://server/appcontextpath/appmanager/myportal/mydesktop?_nfpb=true&_page
    Label=mypage")"
    by email to portal users) and need a simple mecanism of authenticationbefore
    redirecting to the portal page.
    Inste

  • Dell Servers with Nexus 7000 + Nexus 2000 extenders

    << Original post by smunzani. Answered by Robert. Moving from Document section to Discussions>>
    Team,
    I would like to use some of the existing Dell Servers for new network design of Nexus 7000 + Nexus 2000 extenders. What are my options for FEC to the hosts? All references of M81KR I found on CCO are related to UCS product only.
    What's best option for following setup?
    N7K(Aggregation Layer) -- N2K(Extenders) -- Dell servers
    Need 10G to the servers due to dense population of the VMs. The customer is not up for dumping recently purchased dell boxes in favor of UCS. Customer VMware license is Enterprise Edition.
    Thanks in advance.

    To answer your question, the M81KR-VIC is a Mezz card for UCS blades only.  For Cisco rack there is a PCIe version which is called the P81.  These are both made for Cisco servers only due to the integration with server management and virtual interface functionality.
    http://www.cisco.com/en/US/prod/collateral/ps10265/ps10493/data_sheet_c78-558230.html
    More information on it here:
    Regards,
    Robert

  • Communication problem between Cisco 3560 and Cisco SG300.

    Dear Support,
    I have a Cisco SG300 and Cisco 3560 switches.
    3560 is my Core Switch and SG300 is access switch.
    From 3560 VLAN information is not passed to SG300.
    3560 Configuration:
    interface GigabitEthernet0/23
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan 1,2,10,11
    switchport mode trunk
    SG300 Configuration:
    interface gigabitethernet49
    spanning-tree link-type point-to-point
    switchport mode general
    switchport general allowed vlan add 2,10-11 tagged
    macro description switch
    Please suggest how this issue is resolve.
    Regards,
    JItesh Mahajan.

    Dear Aleksandra,
    Below Configuration is right or wrong for 3560 and SG300.
    3560 Configuration:
    interface GigabitEthernet0/23
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan remove VLAN 1
    switchport native vlan 1
    switchport trunk allowed vlan 1,2,10,11
    switchport mode trunk
    SG300 Configuration:
    interface gigabitethernet49
    spanning-tree link-type point-to-point
    switchport mode general
    switchport general allowed vlan add 2,10-11 tagged
    macro description switch
    Regards,
    JItesh Mahajan.

  • Embeded Event Manager on cisco 3560 switch

    Can someone help me please? I have EEM configured on cisco 3560 switch. The configuration is below. I want that switch inform me through email when device with particilular IP address become unavailable. For some reason this configuration is not good and I can't tell why. I already try to debug this with debug event manager action mail but didn't see any output .
    ip sla 11
    icmp-echo ip address
    frequency 20
    ip sla schedule 11 life forever start-time now
    event manager applet device-TEST
    event snmp oid 1.3.6.1.4.1.9.9.42.1.2.9.1.6.11 get-type exact entry-op lt entry-val "2" poll-interval 20
    trigger occurs 5 period 120
    action 02.0 mail server "ip address" to "[email protected]" from "[email protected]" subject "device is down"

    The mail part looks good, I'm not sure you are hitting the trigger right.
    Why not do a track on the ip sla instead of the snmp stuff?
    Here's a good example of that.
    https://learningnetwork.cisco.com/blogs/network-sheriff/2009/06/19/writing-your-first-eem-applet

  • Ivette manzur : Interface errors problems on cisco 3560

    Hello,
    I have a problem on one of the interfaces on a cisco 3560 switch. In fact, I set up a monitoring network recently (cacti), and I have a significant number of errors on the interfaces. the problem is that when I do a sh interface I see no errors, and even by making a clear counters it does not solve my problem .. I also changed the wiring with cat 6 cables but nothing has changed ..
    What are the main causes of errors on an interface of a switch? what should I do in this case?
    Thank you for your help in advance
    ivette manzur

    Hello,
    I've a e61i and I experience a similar problem. My phone work very well on WiFi network with no encryption as well as 64-bit wep.
    At home I've 2 wireless routers, both encrypted at 128 bits, one with WEP and the other with WPA. On both of them I can correctly obtain an IP thru DHCP, but the traffic do not go thru.
    By using IfInfo I think I discovered the reason of the problem (unless IfInfo is not working properly...) and it seems a bug related to the netmask, broadcast and gateway settings. The router is 192.168.15.1 and this is what I get:
    1) DHCP case -- I get two IP adresses: the 169.254.x.x and the one assigned to the router. DNS is also set properly, but both gateway, broadcast and netmask are set to 0.0.0.0 for both IPs.
    IP Addr: 169.254.162.106
    Netmask: 0.0.0.0
    Broadcast: 0.0.0.0
    Gateway: 0.0.0.0
    DNS1: 192.168.15.1
    IP Addr: 192.168.15.100
    Netmask: 0.0.0.0
    Broadcast: 0.0.0.0
    Gateway: 0.0.0.0
    DNS1: 192.168.15.1
    2) Static IP 192.168.15.64, netmask set to 255.255.255.0 and gateway and DNS set to 192.168.15.1. The 169.254.x.x disappears and I get only one IP which is set to:
    IP Addr: 192.168.15.64
    Netmask: 0.0.0.0
    Broadcast:192.168.15.255
    Gateway: 192.168.15.1
    DNS1: 192.168.15.1
    So in conclusion, it seems that with 128bit encryption, in the DHCP case gateway, broadcast and netmask are not assigned correctly! While in the Static IP case the netmask is still not assigned correctly!!!
    Hope this can help...
    --AP

  • Quick Question about Cisco 3560 and the Web Device Manager

    Alright, I have a quick question that I am curious about but I haven't found any information
    about it.
    When I log into my Cisco 3560 using the web portal to get to the Device Manager. Below the
    diagram of the switch, then under the Dashboard there is section called Switch
    Health, Port Utilization.
    Under the Switch Health there is Bandwidth Used, Packet Error. Those two options just sit
    at zero and do not move. The Port tilization graph is also sitting at zero.
    Is there a way to make them functional?

    Anyone notice performance increase or decrease of their HD when using the nVidia IDE SW drivers?  particularly with a 74GB Raptor?  I've also heard of burner issues when installing the IDE SW but have not used my burner yet.

  • Multiple HSRP instances on Cisco 3560 L3 EMI?

    Hi, can someone tell me if a Cisco 3560 L3 EMI can support HSRP for multiple vlan interafces?

    Hi Billy,
    SMI image does not support HSRP.
    Chek this link for more differnces
    http://www.cisco.com/en/US/products/hw/switches/ps646/products_configuration_example09186a0080169623.shtml
    HTH
    Ankur

  • Ipv6 HSRP gloabl unicast address on cisco 3560 switch

    Dear Team,
    We are using cisco 3560 switch. Now we are going to implement ipv6 in our network. But we are not disturbing to existing ipv4. my question is 1) Can we confiure the global unicast ipv6 address in ipv6 HSRP and 2) can cisco 3560 switch will support ipv4 and ipv6 standby group on same SVI ?                 

    YES

  • R12 on Dell servers ???

    Hi,
    How is Oracle apps R12 on dell servers with EMC storage?
    Till now I have always used hp or sun servers. On my new they are thinking of R12 upgrade with Dell servers?
    Any input is apreciated.

    Just get comfortable with Linux and you will be fine. I would go with 64-bit, otherwise you will have a 1.7 GB SGA limitation on 32-bit linux.
    Oracle Applications Installation and Upgrade Notes Release 12 (12.0) for Linux (64-bit)
    http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=416305.1
    Oracle Applications Installation and Upgrade Notes Release 12 (12.0) for Linux (32-bit)
    http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=402310.1
    Oracle Applications Installation and Upgrade Notes Release 12 (12.0) for Solaris Operating System (SPARC)
    http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=402312.1

  • Multilayer Cisco 3560 Switched network

    Hi,
    I have a multilayer Cisco 3560 network. All sites are connected to each other using RIP V2. The area marked in red is what we are having an issue with.
    1. We have remote sites connected by microwave links using Cisco 3560.
    2. In the attached image "Site-1" inherits all the configuration from the Headoffice. They also get their internet connection from the Headoffice over the " 256Kbps DSL-DATALINK".
    3. The area marked in red are the 2 sites, they were connected to each other using a data link.
    4. The 100 Mbps microwave links were commissioned lately so we want to use these links for our Internet + Data connections.
    5. HEAD OFFICE switch is running the VTP Domain.
    Question
    1. I have rip version 2 running how do I get "SITE-1" to share the internet connection from Headoffice over the Wireless Links
    2. Site-1 should get the IP address from the HeadOffice DHCP server over the wireless links.
    3. The "DSL-DATALINK" should work as a backup/redundant link. If my 100 Mbps link is down it should automatically switch to the DSL link.
    Kindly give me your expert comments/suggestions in how do I go about achieving the above.
    Regards
    Sarfaraz

    RIP works on hop-count and it will prefer the DSL connection over the Wireless link (1 hop vs 4 hops).
    You can alter this behavior by creating an offset list on routes incoming the data link.
    router rip
    version 2
    offset-list 0 in 5 [data link interface]
    http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cr/hirp_r/rte_rih.htm#wp999452
    You need to this on both routers (site1 and HQ).

  • Configuring rcp on ciscoworks LMS 2.5 and cisco 3560 switch

    Dear All,
    i am having LMS 2.5 and nearly 50 cisco 3560 in my network. And I want to configure rcp. How can I do it. Kindly help
    regards,
    RAHIL KHAN

    Have a look at this link for the server:
    http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_resource_manager_essentials/4.0/user/guide/swmgt.html#wp1328314
    For the device you'll need something like:
    username cwuser password 7 000C1C0A05
    ip rcmd rcp-enable
    ip rcmd remote-host cwuser 172.17.246.221 cwuser enable
    ip rcmd remote-username cwuser

  • MTU Size Issue on Cisco 3560 Switch

    Could anybody tell me how to change MTU Size on a Cisco 3560 Switch.i mean to say whether it is to be changed on FastEthernet Interfaces or on VLAN 1 or on Global Configuration Mode and with which Command to change it.

    I am using MPLS on my Routers and the MTU size i have set on my Router Interfaces is 1524.
    When i do a normal ping from Customer's one site to another (where my Traffic has to pass through this Switch VLAN)i get a reply , but when a Ping with a Byte Size of 1500 or more the Packets get completely dropped.
    I think due to MTU Mistach bet. Switch and Router the Packets r getting droped,that is why i was trying to change it.
    could the Packets get dropped because of this reason.Please suggest.

  • DHCP and voice vlan on Cisco 3560 switch

    Greetings,
    I'm setting up a Cisco 3560 switch for voice and data comms. I'm looking for documentation with best practice guidelines for the following requirements.
    1. Using the Cisco 3560 as a DHCP server - Config examples.  Do I need to use different subnets for the voice and data vlans?
    2. Layer 2 CoS QoS  - I'm connecting Aastra phones as well as notebooks - I've been told that Aastra also makes use of the voice vlan config through LLDP and that Aastra phones supports CDP.
    Your assistance will be appreciated.

    Hi ,
    Cisco recommends that you have a separate vlan for  voice and data with different ip subnets for voice and data. You will need to configure the dhcp pool accordingly.
    Here is the config guide for setting up IOS DHCP server:
    http://www.cisco.com/en/US/docs/ios/12_0t/12_0t1/feature/guide/Easyip2.html
    Here is the LAN qos recommendations:
    http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/7x/netstruc.html#wp1044009

  • Re: Mac Address\IP Bunding on Cisco 3560

    I was searching for an option on the Cisco 3560 to statically assign an ip address on a particlar host on a vlan1 as an example. Currently the 3560 is DHCP enabled.
    ip dhcp excluded-address 10.x.x.x 10.x.x.x
    ip dhcp pool 1
    network 10.x.x.0 255.255.255.255
    domain-name northamerica.corporate-domain.net
    dns-server 10.x.x.x 10.x.x.x
    netbios-name-server 255.66.175.255
    default-router 10.x.x.1
    lease 0 12
    What would the command be to bind a reserved ip for a host with the mac of xxxx.xxxx.xxx.xxxx
    Thanks.
    -fz

    Actually, you can use a TFTP server...
    First of all, create a text file using a text editor (call it 'dhcpstatic', for instance) with the following contents (don't include the dashes):
    *time* Jan 21 2005 03:52 PM
    *version* 1
    !IP address Type Hardware address Lease expiration
    172.16.12.100 /24 1 0011.4342.e9a5 Infinite
    Then do the following:
    no service dhcp
    ip dhcp pool pool1
    network 172.16.12.0 255.255.255.0
    domain-name xxxdomain.com
    dns-server 172.16.12.20 172.16.12.21
    netbios-name-server x.x.x.x
    default-router 172.16.12.1
    lease 0 12
    origin file tftp:///dhcpstatic
    Then do a 'service dhcp'...
    Once you have this working, we can do a further optimisation by storing the file on your switch so that you don't need to use a TFTP server...
    Hope that helps - pls rate the post if it does.
    Paresh

Maybe you are looking for

  • How To Transfer MP3 Files from HD to IPOD?

    I just got a new 30GB IPOD which I assume is the latest model. It came in a black box and says part number "PA149LL/A", but has no model number on the box. The published web documentation for this is WRONG, and hard copy instruction with the unit is

  • X randomly crashing, cannot ctrl-alt-bksp

    The first crash was a couple of months ago, and I will admit I just ignored it, especially since it didn't crash again for about a month. Then I was starting to think I might have a problem and did a bit of research. I thought turning off compositing

  • HOw to collect a balanced scorecard

    Hi Gurus, How to collect a balance scorecard. Thanks Best Regards, Reddy.

  • Songs that cannot be played?

    I imported an album that I purchased and when I tried to add the album to my ipod it said it couldn't because the "songs could not be played" why is this???why does it only do that for some cds? This one is not burned or ripped or made from a downloa

  • Escaping in onmouseover attribut

    Hi guys, I'm using the attribute onmouseover of a commandLink. The JS - function looks like this: do_something('#{MyBean.dao.info1}')The values from the Bean aren't escaped and it would be quite a big effort to change this. Is there any possiblity to