Software Configuration Guide
Page 2
..., INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. Copyright © 1981, Regents of the University of the word partner does not imply a partnership relationship Catalyst 2950 Desktop Switch Software Configuration Guide Copyright © 2001-2002, Cisco Systems, Inc. All rights...
..., INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. Copyright © 1981, Regents of the University of the word partner does not imply a partnership relationship Catalyst 2950 Desktop Switch Software Configuration Guide Copyright © 2001-2002, Cisco Systems, Inc. All rights...
Software Configuration Guide
Page 6
Contents Example Configuration 4-8 Manually Assigning IP Information 4-10 Checking and Saving the Running Configuration 4-...Switch Characteristics 6-3 Candidate Switch and Member Switch Characteristics 6-4 Planning a Switch Cluster 6-5 Automatic Discovery of Cluster Candidates and Members 6-5 Discovery through CDP Hops 6-6 Discovery through Non-CDP-Capable and Noncluster-Capable Devices 6-7 Discovery through the Same Management VLAN 6-8 Discovery through Different Management VLANs 6-9 Discovery of Newly Installed Switches 6-10 HSRP and Standby Command Switches 6-12 Catalyst 2950 Desktop Switch...
Contents Example Configuration 4-8 Manually Assigning IP Information 4-10 Checking and Saving the Running Configuration 4-...Switch Characteristics 6-3 Candidate Switch and Member Switch Characteristics 6-4 Planning a Switch Cluster 6-5 Automatic Discovery of Cluster Candidates and Members 6-5 Discovery through CDP Hops 6-6 Discovery through Non-CDP-Capable and Noncluster-Capable Devices 6-7 Discovery through the Same Management VLAN 6-8 Discovery through Different Management VLANs 6-9 Discovery of Newly Installed Switches 6-10 HSRP and Standby Command Switches 6-12 Catalyst 2950 Desktop Switch...
Software Configuration Guide
Page 8
... Starting TACACS+ Accounting 7-17 Displaying the TACACS+ Configuration 7-17 Controlling Switch Access with RADIUS 7-18 Understanding RADIUS 7-18 RADIUS Operation 7-19 Configuring... 7-29 Configuring the Switch to Use Vendor-Specific RADIUS Attributes 7-29 Configuring the Switch for Vendor-Proprietary RADIUS Server Communication... Configuration 7-31 Configuring the Switch for Local Authentication and Authorization 7-32 Configuring the Switch for Secure Shell 7-33 ... 7-42 Displaying the NTP Configuration 7-43 Configuring Time and Date Manually 7-43 Setting the System Clock 7-44 Displaying the Time and Date...
... Starting TACACS+ Accounting 7-17 Displaying the TACACS+ Configuration 7-17 Controlling Switch Access with RADIUS 7-18 Understanding RADIUS 7-18 RADIUS Operation 7-19 Configuring... 7-29 Configuring the Switch to Use Vendor-Specific RADIUS Attributes 7-29 Configuring the Switch for Vendor-Proprietary RADIUS Server Communication... Configuration 7-31 Configuring the Switch for Local Authentication and Authorization 7-32 Configuring the Switch for Secure Shell 7-33 ... 7-42 Displaying the NTP Configuration 7-43 Configuring Time and Date Manually 7-43 Setting the System Clock 7-44 Displaying the Time and Date...
Software Configuration Guide
Page 9
... Entries 7-58 Adding and Removing Secure Addresses 7-59 Displaying Address Table Entries 7-60 Managing the ARP Table 7-61 Switch Software Releases 7-61 Configuring 802.1X Port-Based Authentication 8-1 Understanding 802.1X Port-Based Authentication 8-1 Device Roles 8-2... 8-6 802.1X Configuration Guidelines 8-7 Enabling 802.1X Authentication 8-8 Configuring the Switch-to-RADIUS-Server Communication 8-9 Enabling Periodic Re-Authentication 8-10 Manually Re-Authenticating a Client Connected to a Port 8-11 Changing the Quiet Period 8-11 Catalyst 2950 Desktop Switch Software Configuration Guide ix
... Entries 7-58 Adding and Removing Secure Addresses 7-59 Displaying Address Table Entries 7-60 Managing the ARP Table 7-61 Switch Software Releases 7-61 Configuring 802.1X Port-Based Authentication 8-1 Understanding 802.1X Port-Based Authentication 8-1 Device Roles 8-2... 8-6 802.1X Configuration Guidelines 8-7 Enabling 802.1X Authentication 8-8 Configuring the Switch-to-RADIUS-Server Communication 8-9 Enabling Periodic Re-Authentication 8-10 Manually Re-Authenticating a Client Connected to a Port 8-11 Changing the Quiet Period 8-11 Catalyst 2950 Desktop Switch Software Configuration Guide ix
Software Configuration Guide
Page 26
... This guide does not repeat the concepts and CLI procedures provided in the Catalyst 2950 Desktop Switch Command Reference. Cisco IOS Release 12.1(11)EA1 is organized into these chapters: Chapter 1, "Overview...Catalyst 2950 Desktop Switch Software Configuration Guide 78-14982-01 Organization Preface This guide does not describe system messages you might receive. Organization This guide is not for creating and maintaining them to administer your switch through CMS; Chapter 6, "Clustering Switches," describes switch clusters and the considerations for use of automatic and manual...
... This guide does not repeat the concepts and CLI procedures provided in the Catalyst 2950 Desktop Switch Command Reference. Cisco IOS Release 12.1(11)EA1 is organized into these chapters: Chapter 1, "Overview...Catalyst 2950 Desktop Switch Software Configuration Guide 78-14982-01 Organization Preface This guide does not describe system messages you might receive. Organization This guide is not for creating and maintaining them to administer your switch through CMS; Chapter 6, "Clustering Switches," describes switch clusters and the considerations for use of automatic and manual...
Software Configuration Guide
Page 28
... • Terminal sessions and system displays are in screen font. • Information you might not be careful. xxviii Catalyst 2950 Desktop Switch Software Configuration Guide 78-14982-01 Chapter 27, "Configuring EtherChannels," describes how to materials not contained in angle brackets (< ...these conventions and symbols: Note Means reader take note. The tips information might do something that could be useful information. With this manual. Caution Means reader be troubleshooting or even an action, but could result in italic. • Square brackets ([ ]) indicate optional ...
... • Terminal sessions and system displays are in screen font. • Information you might not be careful. xxviii Catalyst 2950 Desktop Switch Software Configuration Guide 78-14982-01 Chapter 27, "Configuring EtherChannels," describes how to materials not contained in angle brackets (< ...these conventions and symbols: Note Means reader take note. The tips information might do something that could be useful information. With this manual. Caution Means reader be troubleshooting or even an action, but could result in italic. • Square brackets ([ ]) indicate optional ...
Software Configuration Guide
Page 30
...manual that you wish to comment on the Cisco TAC Web Site. Obtaining Technical Assistance Cisco provides Cisco.com as a single unit or through a local account representative by calling Cisco Systems Corporate Headquarters (California, U.S.A.) at 408 526-7208 or, elsewhere in North America, by using the Cisco Technical Assistance Center (TAC) Web Site. Catalyst 2950 Desktop Switch... Software Configuration Guide xxx 78-14982-01 The Documentation CD-ROM is shipped with your comments to the Cisco documentation...
...manual that you wish to comment on the Cisco TAC Web Site. Obtaining Technical Assistance Cisco provides Cisco.com as a single unit or through a local account representative by calling Cisco Systems Corporate Headquarters (California, U.S.A.) at 408 526-7208 or, elsewhere in North America, by using the Cisco Technical Assistance Center (TAC) Web Site. Catalyst 2950 Desktop Switch... Software Configuration Guide xxx 78-14982-01 The Documentation CD-ROM is shipped with your comments to the Cisco documentation...
Software Configuration Guide
Page 101
... process involves the operation of automatic and manual methods. The boot loader provides access to the Flash file system before the operating system is not active until the next system reset or power-on. 78-14982-01 Catalyst 2950 Desktop Switch Software Configuration Guide 4-1 It tests the ...CPU DRAM and the portion of the Flash device that shipped with your switch. After the boot loader gives the operating system control of these activities:...
... process involves the operation of automatic and manual methods. The boot loader provides access to the Flash file system before the operating system is not active until the next system reset or power-on. 78-14982-01 Catalyst 2950 Desktop Switch Software Configuration Guide 4-1 It tests the ...CPU DRAM and the portion of the Flash device that shipped with your switch. After the boot loader gives the operating system control of these activities:...
Software Configuration Guide
Page 102
... the configuration file. With this configuration information: • Default Switch Information, page 4-3 • Understanding DHCP-Based Autoconfiguration, page 4-3 • Manually Assigning IP Information, page 4-10 Catalyst 2950 Desktop Switch Software Configuration Guide 4-2 78-14982-01 For more information about ...enough access to the hardware installation guide that shipped with the switch configuration steps; For more information, see the "Recovering from Corrupted Software" section on Cisco.com. Assigning Switch Information You can format the Flash file system, reinstall the...
... the configuration file. With this configuration information: • Default Switch Information, page 4-3 • Understanding DHCP-Based Autoconfiguration, page 4-3 • Manually Assigning IP Information, page 4-10 Catalyst 2950 Desktop Switch Software Configuration Guide 4-2 78-14982-01 For more information about ...enough access to the hardware installation guide that shipped with the switch configuration steps; For more information, see the "Recovering from Corrupted Software" section on Cisco.com. Assigning Switch Information You can format the Flash file system, reinstall the...
Software Configuration Guide
Page 110
... remote networks with unresolved destination IP addresses from the switch. Current configuration : 2081 bytes ! Checking and Saving the Running Configuration Chapter 4 Assigning the Switch IP Address and Default Gateway Manually Assigning IP Information Beginning in the configuration file. Enter..., use the no service password-encryption service sequence-numbers 4-10 Catalyst 2950 Desktop Switch Software Configuration Guide 78-14982-01 If you made by entering this privileged EXEC command: Switch# show running-config copy running -config Building configuration... Enter the...
... remote networks with unresolved destination IP addresses from the switch. Current configuration : 2081 bytes ! Checking and Saving the Running Configuration Chapter 4 Assigning the Switch IP Address and Default Gateway Manually Assigning IP Information Beginning in the configuration file. Enter..., use the no service password-encryption service sequence-numbers 4-10 Catalyst 2950 Desktop Switch Software Configuration Guide 78-14982-01 If you made by entering this privileged EXEC command: Switch# show running-config copy running -config Building configuration... Enter the...
Software Configuration Guide
Page 113
... and usage information for automating the deployment and management of a user-defined external directory. 78-14982-01 Catalyst 2950 Desktop Switch Software Configuration Guide 5-1 In server mode, the Configuration Registrar supports the use the feature described in this ...network devices and services (see Figure 5-1). In this section, refer to the Cisco Intelligence Engine 2100 Series Configuration Registrar Manual, and select Cisco IOS Software Release 12.2 > New Feature Documentation > 12.2(2)T on your switch. CH A P T E R 5 Configuring IE2100 CNS Agents This chapter describes...
... and usage information for automating the deployment and management of a user-defined external directory. 78-14982-01 Catalyst 2950 Desktop Switch Software Configuration Guide 5-1 In server mode, the Configuration Registrar supports the use the feature described in this ...network devices and services (see Figure 5-1). In this section, refer to the Cisco Intelligence Engine 2100 Series Configuration Registrar Manual, and select Cisco IOS Software Release 12.2 > New Feature Documentation > 12.2(2)T on your switch. CH A P T E R 5 Configuring IE2100 CNS Agents This chapter describes...
Software Configuration Guide
Page 116
... couples the deviceID value to the host name value that the switch can be targeted as the deviceID when an event is sent on the switch, must match the deviceID of the device. Catalyst 2950 Desktop Switch Software Configuration Guide 5-4 78-14982-01 Caution When using the ...switch host name on the switch, the only way to refresh the deviceID is defined by the cns event global configuration command. Enter the no cns event global configuration command followed by the Cisco IOS host name of the deviceID is to the Cisco Intelligence Engine 2100 Series Configuration Registrar Manual...
... couples the deviceID value to the host name value that the switch can be targeted as the deviceID when an event is sent on the switch, must match the deviceID of the device. Catalyst 2950 Desktop Switch Software Configuration Guide 5-4 78-14982-01 Caution When using the ...switch host name on the switch, the only way to refresh the deviceID is defined by the cns event global configuration command. Enter the no cns event global configuration command followed by the Cisco IOS host name of the deviceID is to the Cisco Intelligence Engine 2100 Series Configuration Registrar Manual...
Software Configuration Guide
Page 119
... communicate with the IE2100 Configuration Registrar. • Configure the switch to use either the switch MAC address or the serial number (instead of the device to the Cisco Intelligence Engine 2100 Series Configuration Registrar Manual. 78-14982-01 Catalyst 2950 Desktop Switch Software Configuration Guide 5-7 Chapter 5 Configuring IE2100 CNS Agents Configuring CNS Embedded Agents Table 5-1 Prerequisites...
... communicate with the IE2100 Configuration Registrar. • Configure the switch to use either the switch MAC address or the serial number (instead of the device to the Cisco Intelligence Engine 2100 Series Configuration Registrar Manual. 78-14982-01 Catalyst 2950 Desktop Switch Software Configuration Guide 5-7 Chapter 5 Configuring IE2100 CNS Agents Configuring CNS Embedded Agents Table 5-1 Prerequisites...
Software Configuration Guide
Page 158
...mode. Beginning in privileged EXEC mode, follow these steps to configure your switch for Telnet access through the command-line interface (CLI). Return to the switch console port. Catalyst 2950 Desktop Switch Software Configuration Guide 7-6 78-14982-01 Verify the configuration by the ...Step 5 password password Step 6 end Purpose Attach a PC or workstation with a number, is not accessible by using the boot manual global configuration command because this password during the setup program, you neglected to create a default configuration for the line or lines. ...
...mode. Beginning in privileged EXEC mode, follow these steps to configure your switch for Telnet access through the command-line interface (CLI). Return to the switch console port. Catalyst 2950 Desktop Switch Software Configuration Guide 7-6 78-14982-01 Verify the configuration by the ...Step 5 password password Step 6 end Purpose Attach a PC or workstation with a number, is not accessible by using the boot manual global configuration command because this password during the setup program, you neglected to create a default configuration for the line or lines. ...
Software Configuration Guide
Page 186
...(UDP), which runs over IP. NTP then distributes this section, refer to the Cisco IOS Configuration Fundamentals Command Reference for the commands used in RFC 1305. The system clock... system clock keeps track of devices. For configuration information, see the "Configuring Time and Date Manually" section on Universal Time Coordinated (UTC), also known as Greenwich Mean Time (GMT). NTP is... millisecond of the date and time. no more than one another. 7-34 Catalyst 2950 Desktop Switch Software Configuration Guide 78-14982-01 This clock runs from an authoritative time source, ...
...(UDP), which runs over IP. NTP then distributes this section, refer to the Cisco IOS Configuration Fundamentals Command Reference for the commands used in RFC 1305. The system clock... system clock keeps track of devices. For configuration information, see the "Configuring Time and Date Manually" section on Universal Time Coordinated (UTC), also known as Greenwich Mean Time (GMT). NTP is... millisecond of the date and time. no more than one another. 7-34 Catalyst 2950 Desktop Switch Software Configuration Guide 78-14982-01 This clock runs from an authoritative time source, ...
Software Configuration Guide
Page 195
...Cisco IOS Configuration Fundamentals Command Reference for Release 12.1. Return to be taken: Step 1 Step 2 Command configure terminal ntp source type number Step 3 Step 4 Step 5 end show ntp status For detailed information about the fields in the configuration file. We recommend that you use manual...8226; Configuring the Time Zone, page 7-45 • Configuring Summer Time (Daylight Saving Time), page 7-46 78-14982-01 Catalyst 2950 Desktop Switch Software Configuration Guide 7-43 Specify the interface type and number from which the IP source address is to be used for the ...
...Cisco IOS Configuration Fundamentals Command Reference for Release 12.1. Return to be taken: Step 1 Step 2 Command configure terminal ntp source type number Step 3 Step 4 Step 5 end show ntp status For detailed information about the fields in the configuration file. We recommend that you use manual...8226; Configuring the Time Zone, page 7-45 • Configuring Summer Time (Daylight Saving Time), page 7-46 78-14982-01 Catalyst 2950 Desktop Switch Software Configuration Guide 7-43 Specify the interface type and number from which the IP source address is to be used for the ...
Software Configuration Guide
Page 196
... show running-config Step 3 copy running-config startup-config Purpose Manually set the system clock to 1:32 p.m. The system clock keeps an authoritative flag that shows whether the time is not synchronized. 7-44 Catalyst 2950 Desktop Switch Software Configuration Guide 78-14982-01 The symbol that provides time services.... Beginning in hours (24-hour format), minutes, and seconds. The time specified is used only for display purposes. If the system clock has been set by a timing source such as an NTP server, you have an outside source on July 23, 2001: Switch# clock set 13:32...
... show running-config Step 3 copy running-config startup-config Purpose Manually set the system clock to 1:32 p.m. The system clock keeps an authoritative flag that shows whether the time is not synchronized. 7-44 Catalyst 2950 Desktop Switch Software Configuration Guide 78-14982-01 The symbol that provides time services.... Beginning in hours (24-hour format), minutes, and seconds. The time specified is used only for display purposes. If the system clock has been set by a timing source such as an NTP server, you have an outside source on July 23, 2001: Switch# clock set 13:32...
Software Configuration Guide
Page 197
...copy running-config startup-config Purpose Enter global configuration mode. In this command is used only for display purposes and when the time is manually set the time to be displayed when standard time is in the clock timezone global configuration command is UTC-3.5, where the 3 means ...8226; For zone, enter the name of the time zone to UTC, use the no clock timezone global configuration command. 78-14982-01 Catalyst 2950 Desktop Switch Software Configuration Guide 7-45 The default is clock timezone AST -3 30. Set the time zone. The minutes-offset variable in effect. For...
...copy running-config startup-config Purpose Enter global configuration mode. In this command is used only for display purposes and when the time is manually set the time to be displayed when standard time is in the clock timezone global configuration command is UTC-3.5, where the 3 means ...8226; For zone, enter the name of the time zone to UTC, use the no clock timezone global configuration command. 78-14982-01 Catalyst 2950 Desktop Switch Software Configuration Guide 7-45 The default is clock timezone AST -3 30. Set the time zone. The minutes-offset variable in effect. For...
Software Configuration Guide
Page 200
...using the prompt global configuration command. If you manually configure the prompt by using the prompt global configuration command. This section contains this section, refer to the Cisco IOS Configuration Fundamentals Command Reference and the Cisco IOS IP and IP Routing Command Reference for ARPANET... up to 63 characters. Return to the default hostname, use the no hostname global configuration command. 7-48 Catalyst 2950 Desktop Switch Software Configuration Guide 78-14982-01 To return to privileged EXEC mode. Configuring a System Name and Prompt Chapter 7 Administering the...
...using the prompt global configuration command. If you manually configure the prompt by using the prompt global configuration command. This section contains this section, refer to the Cisco IOS Configuration Fundamentals Command Reference and the Cisco IOS IP and IP Routing Command Reference for ARPANET... up to 63 characters. Return to the default hostname, use the no hostname global configuration command. 7-48 Catalyst 2950 Desktop Switch Software Configuration Guide 78-14982-01 To return to privileged EXEC mode. Configuring a System Name and Prompt Chapter 7 Administering the...
Software Configuration Guide
Page 201
... has defined the concept of names mapped to override the setting from the hostname command. To return to manually configure a system prompt: Step 1 Step 2 Command configure terminal prompt string Step 3 Step 4 Step ...distributed database with all printing characters and escape sequences. For example, Cisco Systems is either switch or the name defined with periods (.) as ftp.cisco.com. The default prompt is a commercial organization that is identified ...; Displaying the DNS Configuration, page 7-51 78-14982-01 Catalyst 2950 Desktop Switch Software Configuration Guide 7-49
... has defined the concept of names mapped to override the setting from the hostname command. To return to manually configure a system prompt: Step 1 Step 2 Command configure terminal prompt string Step 3 Step 4 Step ...distributed database with all printing characters and escape sequences. For example, Cisco Systems is either switch or the name defined with periods (.) as ftp.cisco.com. The default prompt is a commercial organization that is identified ...; Displaying the DNS Configuration, page 7-51 78-14982-01 Catalyst 2950 Desktop Switch Software Configuration Guide 7-49