Software Configuration Guide
Page 2
...THESE SUPPLIERS ARE PROVIDED "AS IS" WITH ALL FAULTS. and certain other company. (0304R) Catalyst 3560 Switch Software Configuration Guide Copyright © 2004 Cisco Systems, Inc. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of ...1981, Regents of the University of Cisco Systems, Inc.; CCIP, CCSP, the Cisco Arrow logo, the Cisco Powered Network mark, Cisco Unity, Follow Me Browsing, FormShare, and StackWise are service marks of their respective owners. THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS...
...THESE SUPPLIERS ARE PROVIDED "AS IS" WITH ALL FAULTS. and certain other company. (0304R) Catalyst 3560 Switch Software Configuration Guide Copyright © 2004 Cisco Systems, Inc. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of ...1981, Regents of the University of Cisco Systems, Inc.; CCIP, CCSP, the Cisco Arrow logo, the Cisco Powered Network mark, Cisco Unity, Follow Me Browsing, FormShare, and StackWise are service marks of their respective owners. THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS...
Software Configuration Guide
Page 5
...14 Topology View 3-15 CMS Icons 3-16 Where to Go Next 3-16 Assigning the Switch IP Address and Default Gateway 4-1 Understanding the Boot Process 4-1 Assigning Switch Information 4-2 Default Switch Information 4-3 Understanding DHCP-Based Autoconfiguration 4-3 DHCP Client Request Process 4-4 Configuring DHCP-Based... a Configuration File 4-12 Specifying the Filename to Read and Write the System Configuration 4-12 Booting Manually 4-13 Booting a Specific Software Image 4-13 Controlling Environment Variables 4-14 Scheduling a Reload of the Software Image 4-16 Configuring a Scheduled Reload 4-16...
...14 Topology View 3-15 CMS Icons 3-16 Where to Go Next 3-16 Assigning the Switch IP Address and Default Gateway 4-1 Understanding the Boot Process 4-1 Assigning Switch Information 4-2 Default Switch Information 4-3 Understanding DHCP-Based Autoconfiguration 4-3 DHCP Client Request Process 4-4 Configuring DHCP-Based... a Configuration File 4-12 Specifying the Filename to Read and Write the System Configuration 4-12 Booting Manually 4-13 Booting a Specific Software Image 4-13 Controlling Environment Variables 4-14 Scheduling a Reload of the Software Image 4-16 Configuring a Scheduled Reload 4-16...
Software Configuration Guide
Page 6
... 5-15 Availability of Switch-Specific Features in Switch Clusters 5-15 Creating a Switch Cluster 5-16 Enabling a Cluster Command Switch 5-16 Adding Cluster Member Switches 5-17 Creating a Cluster Standby Group 5-19 Verifying a Switch Cluster 5-20 Using the CLI to Manage Switch Clusters 5-21 Catalyst 1900 and Catalyst 2820 CLI Considerations 5-22 Using SNMP to Manage Switch Clusters 5-22 Catalyst 3560 Switch Software Configuration Guide vi...
... 5-15 Availability of Switch-Specific Features in Switch Clusters 5-15 Creating a Switch Cluster 5-16 Enabling a Cluster Command Switch 5-16 Adding Cluster Member Switches 5-17 Creating a Cluster Standby Group 5-19 Verifying a Switch Cluster 5-20 Using the CLI to Manage Switch Clusters 5-21 Catalyst 1900 and Catalyst 2820 CLI Considerations 5-22 Using SNMP to Manage Switch Clusters 5-22 Catalyst 3560 Switch Software Configuration Guide vi...
Software Configuration Guide
Page 9
... RADIUS Accounting 8-28 Configuring Settings for All RADIUS Servers 8-29 Configuring the Switch to Use Vendor-Specific RADIUS Attributes 8-29 Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 8-31 Displaying the RADIUS Configuration 8-31 Controlling Switch Access with Kerberos 8-32 Understanding Kerberos 8-32 Kerberos Operation 8-34 Authenticating to...Roles 9-2 Authentication Initiation and Message Exchange 9-3 Ports in Authorized and Unauthorized States 9-4 Supported Topologies 9-4 Using 802.1X with Port Security 9-5 Catalyst 3560 Switch Software Configuration Guide ix
... RADIUS Accounting 8-28 Configuring Settings for All RADIUS Servers 8-29 Configuring the Switch to Use Vendor-Specific RADIUS Attributes 8-29 Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 8-31 Displaying the RADIUS Configuration 8-31 Controlling Switch Access with Kerberos 8-32 Understanding Kerberos 8-32 Kerberos Operation 8-34 Authenticating to...Roles 9-2 Authentication Initiation and Message Exchange 9-3 Ports in Authorized and Unauthorized States 9-4 Supported Topologies 9-4 Using 802.1X with Port Security 9-5 Catalyst 3560 Switch Software Configuration Guide ix
Software Configuration Guide
Page 29
... Password Recovery Disabled 35-6 Recovering from a Command Switch Failure 35-8 Replacing a Failed Command Switch with a Cluster Member 35-8 Replacing a Failed Command Switch with Another Switch 35-10 Recovering from Lost Cluster Member Connectivity 35...-11 Preventing Autonegotiation Mismatches 35-12 Troubleshooting Power over Ethernet Switch Ports 35-12 SFP Module Security and Identification 35-12 Using Ping...-16 Executing IP Traceroute 35-17 Using Debug Commands 35-18 Enabling Debugging on a Specific Feature 35-18 Enabling All-System Diagnostics 35-19 Redirecting Debug and Error Message Output...
... Password Recovery Disabled 35-6 Recovering from a Command Switch Failure 35-8 Replacing a Failed Command Switch with a Cluster Member 35-8 Replacing a Failed Command Switch with Another Switch 35-10 Recovering from Lost Cluster Member Connectivity 35...-11 Preventing Autonegotiation Mismatches 35-12 Troubleshooting Power over Ethernet Switch Ports 35-12 SFP Module Security and Identification 35-12 Using Ping...-16 Executing IP Traceroute 35-17 Using Debug Commands 35-18 Enabling Debugging on a Specific Feature 35-18 Enabling All-System Diagnostics 35-19 Redirecting Debug and Error Message Output...
Software Configuration Guide
Page 40
...system, redundant power system (RPS), and port LED colors on the images are similar to accomplish specific tasks. - Monitoring real-time status of a switch or multiple switches from a single CMS window without needing to remember command-line interface (CLI) commands to those ...[that prompt you in your intranet. - Accomplishing multiple configuration tasks from the LEDs on the physical LEDs. Features Chapter 1 Overview The Catalyst 3560 switches have these features: • Ease-of-Use and Ease-of-Deployment Features, page 1-2 • Performance Features, page 1-3 •...
...system, redundant power system (RPS), and port LED colors on the images are similar to accomplish specific tasks. - Monitoring real-time status of a switch or multiple switches from a single CMS window without needing to remember command-line interface (CLI) commands to those ...[that prompt you in your intranet. - Accomplishing multiple configuration tasks from the LEDs on the physical LEDs. Features Chapter 1 Overview The Catalyst 3560 switches have these features: • Ease-of-Use and Ease-of-Deployment Features, page 1-2 • Performance Features, page 1-3 •...
Software Configuration Guide
Page 42
.... For more information about using Telnet from a remote management station. The switch supports a comprehensive set of the SMI and EMI) Catalyst 3560 Switch Software Configuration Guide 1-4 78-16156-01 Manageability Features Note The encrypted Secure Shell (SSH)...information about the CLI, see Chapter 3, "Getting Started with specific source or destination MAC addresses • Cisco Discovery Protocol (CDP) versions 1 and 2 for network topology discovery and mapping between the switch and other Cisco devices on the switch. For more information about CMS, see Chapter 2, "Using ...
.... For more information about using Telnet from a remote management station. The switch supports a comprehensive set of the SMI and EMI) Catalyst 3560 Switch Software Configuration Guide 1-4 78-16156-01 Manageability Features Note The encrypted Secure Shell (SSH)...information about the CLI, see Chapter 3, "Getting Started with specific source or destination MAC addresses • Cisco Discovery Protocol (CDP) versions 1 and 2 for network topology discovery and mapping between the switch and other Cisco devices on the switch. For more information about CMS, see Chapter 2, "Using ...
Software Configuration Guide
Page 45
...queues become empty and do not use their share of the bandwidth. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 1-7 Two configurable ingress queues for detecting the presence of a Cisco IP phone, trusting the CoS value received, and ensuring port security • Policing...system to authenticate requests for different traffic classifications - Aggregate policing for prioritizing mission-critical traffic in aggregate to restrict specific applications or traffic flows to metered, predefined rates • Out-of port bandwidth. Shared egress queues are guaranteed but can ...
...queues become empty and do not use their share of the bandwidth. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 1-7 Two configurable ingress queues for detecting the presence of a Cisco IP phone, trusting the CoS value received, and ensuring port security • Policing...system to authenticate requests for different traffic classifications - Aggregate policing for prioritizing mission-critical traffic in aggregate to restrict specific applications or traffic flows to metered, predefined rates • Out-of port bandwidth. Shared egress queues are guaranteed but can ...
Software Configuration Guide
Page 47
...specific network needs, you do not configure the switch at all, the switch operates with the default settings listed in Table 1-1. Chapter 4, "Assigning the Switch IP Address and Default Gateway" Chapter 5, "Clustering Switches" Chapter 6, "Administering the Switch" Chapter 9, "Configuring 802.1X Port-Based Authentication" 78-16156-01 Catalyst 3560 Switch...client enabled Disabled None defined Disabled Disabled Switch Enabled Enabled Disabled More information in your network. If you can change the interface-specific and system-wide settings. and switch-level status • MAC address ...
...specific network needs, you do not configure the switch at all, the switch operates with the default settings listed in Table 1-1. Chapter 4, "Assigning the Switch IP Address and Default Gateway" Chapter 5, "Clustering Switches" Chapter 6, "Administering the Switch" Chapter 9, "Configuring 802.1X Port-Based Authentication" 78-16156-01 Catalyst 3560 Switch...client enabled Disabled None defined Disabled Disabled Switch Enabled Enabled Disabled More information in your network. If you can change the interface-specific and system-wide settings. and switch-level status • MAC address ...
Software Configuration Guide
Page 51
...prioritize voice and data traffic as either high- Refer to the documentation sets specific to workstations, local servers, and IEEE 802.3af compliant and noncompliant powered devices (such as Cisco IP Phones). The server farm includes a call processing, routing, and IP... to the Internet or an intranet at higher speeds Use the Catalyst Long-Reach Ethernet (LRE) switches to provide up to allow delivery of high-priority traffic. Cisco CallManager controls call -processing server running Cisco CallManager software. Chapter 1 Overview Network Configuration Examples Table 1-3 Providing...
...prioritize voice and data traffic as either high- Refer to the documentation sets specific to workstations, local servers, and IEEE 802.3af compliant and noncompliant powered devices (such as Cisco IP Phones). The server farm includes a call processing, routing, and IP... to the Internet or an intranet at higher speeds Use the Catalyst Long-Reach Ethernet (LRE) switches to provide up to allow delivery of high-priority traffic. Cisco CallManager controls call -processing server running Cisco CallManager software. Chapter 1 Overview Network Configuration Examples Table 1-3 Providing...
Software Configuration Guide
Page 56
...global configuration mode, enter exit. ports. Line configuration While in global configuration mode, enter the vlan vlan-id command. Catalyst 3560 Switch Software Configuration Guide 2-2 78-16156-01 When VTP mode is transparent, you have entered. To configure multiple interfaces with...-Line Interface Table 2-1 Command Mode Summary Mode Access Method Prompt Exit Method About This Mode User EXEC Begin a session with a specific interface). Use this mode to 1005 in privileged EXEC mode, enter the vlan database command. For information about defining interfaces, see the...
...global configuration mode, enter exit. ports. Line configuration While in global configuration mode, enter the vlan vlan-id command. Catalyst 3560 Switch Software Configuration Guide 2-2 78-16156-01 When VTP mode is transparent, you have entered. To configure multiple interfaces with...-Line Interface Table 2-1 Command Mode Summary Mode Access Method Prompt Exit Method About This Mode User EXEC Begin a session with a specific interface). Use this mode to 1005 in privileged EXEC mode, enter the vlan database command. For information about defining interfaces, see the...
Software Configuration Guide
Page 60
...through Keystrokes Capability Keystroke1 Purpose Move around the command line to the beginning of the command line. Press Ctrl-A. Press Ctrl-E. Catalyst 3560 Switch Software Configuration Guide 2-6 78-16156-01 make changes or corrections. Press Esc B. Move the cursor back one character. These...re-enable the enhanced editing mode for the current terminal session, enter this command in privileged EXEC mode: Switch# terminal editing To reconfigure a specific line to have enhanced editing. Transpose the character to edit command lines. Recall the most recent entry in...
...through Keystrokes Capability Keystroke1 Purpose Move around the command line to the beginning of the command line. Press Ctrl-A. Press Ctrl-E. Catalyst 3560 Switch Software Configuration Guide 2-6 78-16156-01 make changes or corrections. Press Esc B. Move the cursor back one character. These...re-enable the enhanced editing mode for the current terminal session, enter this command in privileged EXEC mode: Switch# terminal editing To reconfigure a specific line to have enhanced editing. Transpose the character to edit command lines. Recall the most recent entry in...
Software Configuration Guide
Page 66
... is downloaded to join a cluster, and link types. Select CMS > Installation and Distributions, and click Install. Figure 3-1 Menu Bar Catalyst 3560 Switch Software Configuration Guide 3-2 78-16156-01 CMS is launched from the currently open CMS windows. - Help-Launch the online help. For more... and monitoring options for managing a single switch and switch clusters: - From this view, you can select multiple ports or multiple switches and configure them with CMS Front Panel View The Front Panel view displays the Front Panel image of a specific set of link reports and link graphs....
... is downloaded to join a cluster, and link types. Select CMS > Installation and Distributions, and click Install. Figure 3-1 Menu Bar Catalyst 3560 Switch Software Configuration Guide 3-2 78-16156-01 CMS is launched from the currently open CMS windows. - Help-Launch the online help. For more... and monitoring options for managing a single switch and switch clusters: - From this view, you can select multiple ports or multiple switches and configure them with CMS Front Panel View The Front Panel view displays the Front Panel image of a specific set of link reports and link graphs....
Software Configuration Guide
Page 69
... help that feature and information about the parameter. Guide mode takes you select another configuration option. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 3-5 Click Feedback to send your comments. Expert mode displays a configuration window in understanding and performing...procedures for completing a specific configuration task. We appreciate and value your comments to either expert or guide mode. If you change the interaction mode after selecting a configuration option, the mode change the CMS interaction mode to Cisco Systems Inc. After completing...
... help that feature and information about the parameter. Guide mode takes you select another configuration option. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 3-5 Click Feedback to send your comments. Expert mode displays a configuration window in understanding and performing...procedures for completing a specific configuration task. We appreciate and value your comments to either expert or guide mode. If you change the interaction mode after selecting a configuration option, the mode change the CMS interaction mode to Cisco Systems Inc. After completing...
Software Configuration Guide
Page 70
... of the remaining options to set up default configurations. For more information about the parameter fields by -step approach for completing a specific configuration task. Expert mode is read-only. Wizards are not available for all the parameter fields of a feature in Figure 3-3 ... clicking the Help button. For more information about the read -only access mode, see the "Privilege Levels" section on page 3-6. Catalyst 3560 Switch Software Configuration Guide 3-6 78-16156-01 You can view information about the read -only access mode, see the "Privilege Levels" section on...
... of the remaining options to set up default configurations. For more information about the parameter fields by -step approach for completing a specific configuration task. Expert mode is read-only. Wizards are not available for all the parameter fields of a feature in Figure 3-3 ... clicking the Help button. For more information about the read -only access mode, see the "Privilege Levels" section on page 3-6. Catalyst 3560 Switch Software Configuration Guide 3-6 78-16156-01 You can view information about the read -only access mode, see the "Privilege Levels" section on...
Software Configuration Guide
Page 74
... CMS, remember that clusters can have not configured a specific (nondefault) HTTP port and are using the enable password (or no password) for access to the switch, you can differ between Cisco IOS releases and switch platforms: • On Catalyst switches running Cisco IOS Release 12.0(5)WC2 or earlier or Cisco IOS Release 12.1(6)EA1 or earlier, the CMS...
... CMS, remember that clusters can have not configured a specific (nondefault) HTTP port and are using the enable password (or no password) for access to the switch, you can differ between Cisco IOS releases and switch platforms: • On Catalyst switches running Cisco IOS Release 12.0(5)WC2 or earlier or Cisco IOS Release 12.1(6)EA1 or earlier, the CMS...
Software Configuration Guide
Page 78
... switch 3 check boxes to show switches 4 Port configuration popup menu 3-14 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 When CMS is launched from a command switch, you can display the Front Panel view by default, and the front-panel view displays only the front panel of the specific switch.... Figure 3-6 Toolbar 101011 12 1 Front Panel view button 2 Topology view button The Front Panel view displays the front-panel image of the command switch and other selected switches, as shown in Figure 3-6. You can...
... switch 3 check boxes to show switches 4 Port configuration popup menu 3-14 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 When CMS is launched from a command switch, you can display the Front Panel view by default, and the front-panel view displays only the front panel of the specific switch.... Figure 3-6 Toolbar 101011 12 1 Front Panel view button 2 Topology view button The Front Panel view displays the front-panel image of the command switch and other selected switches, as shown in Figure 3-6. You can...
Software Configuration Guide
Page 79
... that icon. Chapter 3 Getting Started with CMS Displaying CMS Note Figure 3-7 shows a cluster with a Catalyst 3560 switch as the command switch. Refer to display a menu for a specific switch in Figure 3-8. Note On Catalyst 1900 and Catalyst 2820 switches, CMS is launched from a command switch, the Topology view appears by default. (This view is available only when CMS is referred...
... that icon. Chapter 3 Getting Started with CMS Displaying CMS Note Figure 3-7 shows a cluster with a Catalyst 3560 switch as the command switch. Refer to display a menu for a specific switch in Figure 3-8. Note On Catalyst 1900 and Catalyst 2820 switches, CMS is launched from a command switch, the Topology view appears by default. (This view is available only when CMS is referred...
Software Configuration Guide
Page 80
...The rest of this guide provides information about administrative tasks. • Click Help > What's New in the online help . 3-16 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 Only one popup menu at a time appears in the CMS. The Topology view shows how the devices ...within a switch cluster are not eligible to other clusters and devices. This view shows the command switch and member switches in a cluster. Note The Topology view displays only the switch cluster and network neighborhood of the specific command or member switch that can add and remove ...
...The rest of this guide provides information about administrative tasks. • Click Help > What's New in the online help . 3-16 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 Only one popup menu at a time appears in the CMS. The Topology view shows how the devices ...within a switch cluster are not eligible to other clusters and devices. This view shows the command switch and member switches in a cluster. Note The Topology view displays only the switch cluster and network neighborhood of the specific command or member switch that can add and remove ...
Software Configuration Guide
Page 82
... launch the operating system. For more information, see the "Disabling Password Recovery" section on Cisco.com. For more information about the setup program, refer to the release notes on page ...in the setup program until the next system reset or power-on page 35-4. Catalyst 3560 Switch Software Configuration Guide 4-2 78-16156-01 Normally, the boot loader is used ... to match these of a cluster or as a standalone switch. Assigning Switch Information You can disable password recovery. Use a DHCP server for specific IP information. With this program, you have connected a...
... launch the operating system. For more information, see the "Disabling Password Recovery" section on Cisco.com. For more information about the setup program, refer to the release notes on page ...in the setup program until the next system reset or power-on page 35-4. Catalyst 3560 Switch Software Configuration Guide 4-2 78-16156-01 Normally, the boot loader is used ... to match these of a cluster or as a standalone switch. Assigning Switch Information You can disable password recovery. Use a DHCP server for specific IP information. With this program, you have connected a...