Software Guide
Page 24
...configure port security on the switch. Configuring Port Security Describes how to configure the Simple Network Management Protocol (SNMP) on the switch. Checking Status and Connectivity Describes how to display information about modules and switch ports and how to configure IP permit list on the switch. Configuring the IP Permit List Describes how to check connectivity using ping, Telnet, and IP traceroute. Using Switch TopN Reports Describes how to configure quality of service (QoS). xxiv Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide...
...configure port security on the switch. Configuring Port Security Describes how to configure the Simple Network Management Protocol (SNMP) on the switch. Checking Status and Connectivity Describes how to display information about modules and switch ports and how to configure IP permit list on the switch. Configuring the IP Permit List Describes how to check connectivity using ping, Telnet, and IP traceroute. Using Switch TopN Reports Describes how to configure quality of service (QoS). xxiv Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide...
Software Guide
Page 36
...already booted, press Enter to monitor the switch. These sections describe how to the hardware documentation for example, using a terminal emulation program on . If the switch is not on how to connect a terminal to the supervisor engine console port, refer to access the switch CLI: • Accessing the CLI Through the Console Port, page 2-2 • Accessing the CLI Through Telnet, page 2-3 Accessing the CLI Through the Console Port Note For complete information on , power up the switch. Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide...
...already booted, press Enter to monitor the switch. These sections describe how to the hardware documentation for example, using a terminal emulation program on . If the switch is not on how to connect a terminal to the supervisor engine console port, refer to access the switch CLI: • Accessing the CLI Through the Console Port, page 2-2 • Accessing the CLI Through Telnet, page 2-3 Accessing the CLI Through the Console Port Note For complete information on , power up the switch. Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide...
Software Guide
Page 37
... Software Configuration Guide-Release 8.1 2-3 Note For complete information on and is '^]'. To access the switch CLI from a remote host using Telnet, see Chapter 3, "Configuring the Switch IP Address and Default Gateway." Use privileged-mode commands to change the configuration. Chapter 2 Using the Command-Line Interface Accessing the Switch CLI Accessing the CLI Through Telnet Before you can open a Telnet session to the switch, you can use normal-mode commands to monitor the switch or enter privileged mode to change the system configuration. Cisco Systems Console...
... Software Configuration Guide-Release 8.1 2-3 Note For complete information on and is '^]'. To access the switch CLI from a remote host using Telnet, see Chapter 3, "Configuring the Switch IP Address and Default Gateway." Use privileged-mode commands to change the configuration. Chapter 2 Using the Command-Line Interface Accessing the Switch CLI Accessing the CLI Through Telnet Before you can open a Telnet session to the switch, you can use normal-mode commands to monitor the switch or enter privileged mode to change the system configuration. Cisco Systems Console...
Software Guide
Page 38
... Password prompt. Otherwise, enter the privileged-mode password for IP Address Set DNS information Set IP fragmentation enable/disable Set IP HTTP server information Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 2-4 78-15486-01 Console> (enable) disable Console> Accessing Help Enter help menu, and, when appropriate, parameter ranges are connecting to a new switch, press Return at the privileged mode prompt. For example, eight parameters are connecting to a new switch, press Return at the Enter Password...
... Password prompt. Otherwise, enter the privileged-mode password for IP Address Set DNS information Set IP fragmentation enable/disable Set IP HTTP server information Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 2-4 78-15486-01 Console> (enable) disable Console> Accessing Help Enter help menu, and, when appropriate, parameter ranges are connecting to a new switch, press Return at the privileged mode prompt. For example, eight parameters are connecting to a new switch, press Return at the Enter Password...
Software Guide
Page 52
... ip route Fragmentation Redirect Unreachable enabled enabled enabled The primary gateway: 172.20.52.33 Destination Gateway RouteMask default 10.1.1.1 0x0 default 172.20.52.33 0x0 172.20.52.32 4000-2 0xfffffff0 10.1.1.0 10.1.1.100 0xffffff00 Console> (enable) Flags ----G UG U U Use -------0 12 180 22 Interface --------- Use Telnet to access the switch, enter privileged mode, and enter the slip detach command to restore the console port connection. Command telnet {host_name | ip_addr} enable set ip route default 10.1.1.1 Route added...
... ip route Fragmentation Redirect Unreachable enabled enabled enabled The primary gateway: 172.20.52.33 Destination Gateway RouteMask default 10.1.1.1 0x0 default 172.20.52.33 0x0 172.20.52.32 4000-2 0xfffffff0 10.1.1.0 10.1.1.100 0xffffff00 Console> (enable) Flags ----G UG U U Use -------0 12 180 22 Interface --------- Use Telnet to access the switch, enter privileged mode, and enter the slip detach command to restore the console port connection. Command telnet {host_name | ip_addr} enable set ip route default 10.1.1.1 Route added...
Software Guide
Page 54
... DNS server table as backup server. 172.16.32.32 added to 0.0.0.0. set interface sc0 dhcp release 3-10 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 To renew or release a DHCP-assigned IP address on the in-band (sc0) management interface, perform one of the switch to the IP configuration information for each switch in privileged mode: Task Renew the lease on a DHCP-assigned IP address. server configuration, mapping the MAC address...
... DNS server table as backup server. 172.16.32.32 added to 0.0.0.0. set interface sc0 dhcp release 3-10 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 To renew or release a DHCP-assigned IP address on the in-band (sc0) management interface, perform one of the switch to the IP configuration information for each switch in privileged mode: Task Renew the lease on a DHCP-assigned IP address. server configuration, mapping the MAC address...
Software Guide
Page 75
... Configuration Examples, page 6-12 • Understanding the LACP, page 6-16 • Configuring EtherChannel Using LACP, page 6-18 Understanding How EtherChannel Works These sections describe how EtherChannel works: • EtherChannel Overview, page 6-2 • Understanding Frame Distribution, page 6-2 • Hardware Support for the commands used in this chapter, refer to supervisor engine Fast Ethernet and Gigabit Ethernet uplink ports. CH A P T E R 6 Configuring Fast EtherChannel and Gigabit EtherChannel This chapter describes how to the Catalyst 4500 Series Installation Guide...
... Configuration Examples, page 6-12 • Understanding the LACP, page 6-16 • Configuring EtherChannel Using LACP, page 6-18 Understanding How EtherChannel Works These sections describe how EtherChannel works: • EtherChannel Overview, page 6-2 • Understanding Frame Distribution, page 6-2 • Hardware Support for the commands used in this chapter, refer to supervisor engine Fast Ethernet and Gigabit Ethernet uplink ports. CH A P T E R 6 Configuring Fast EtherChannel and Gigabit EtherChannel This chapter describes how to the Catalyst 4500 Series Installation Guide...
Software Guide
Page 78
... of service (QoS) configurations. • An EtherChannel will not form with the set port channel command. • Do not configure the ports in an EtherChannel as dynamic VLAN ports. In software releases prior to 6.3(1), traffic was disrupted when you configure the EtherChannel as a trunk, configure the same trunk mode on all the ports in the EtherChannel. Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 6-4 78-15486-01 Configuring ports in an EtherChannel in different trunk modes can...
... of service (QoS) configurations. • An EtherChannel will not form with the set port channel command. • Do not configure the ports in an EtherChannel as dynamic VLAN ports. In software releases prior to 6.3(1), traffic was disrupted when you configure the EtherChannel as a trunk, configure the same trunk mode on all the ports in the EtherChannel. Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 6-4 78-15486-01 Configuring ports in an EtherChannel in different trunk modes can...
Software Guide
Page 260
... Spantree port fast start option enabled for the backup VMPS server(s). You cannot make it a dynamic port. Console> (enable) set vmps server ip_addr [primary] (Optional) Specify the IP address for ports 2/1. set vmps server 192.0.0.9 192.0.0.9 added to VMPS table as backup domain server. Console> (enable) set vmps server 192.0.0.1 primary 192.0.0.1 added to VMPS table as backup domain server. If you must configure VMPS on the switch to VMPS table as primary domain server. show port Port Name Status Vlan Level Duplex Speed 1/1 connect trunk...
... Spantree port fast start option enabled for the backup VMPS server(s). You cannot make it a dynamic port. Console> (enable) set vmps server ip_addr [primary] (Optional) Specify the IP address for ports 2/1. set vmps server 192.0.0.9 192.0.0.9 added to VMPS table as backup domain server. Console> (enable) set vmps server 192.0.0.1 primary 192.0.0.1 added to VMPS table as backup domain server. If you must configure VMPS on the switch to VMPS table as primary domain server. show port Port Name Status Vlan Level Duplex Speed 1/1 connect trunk...
Software Guide
Page 285
..., refer to the Catalyst 4500 Series, Catalyst 2948G, and Catalyst 2980G Switches Command Reference. Note For complete syntax and usage information for the commands used in IEEE 802.1p. Switches can inform the switch when specific hosts join or leave IP multicast groups. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 15-1 This chapter consists of IP multicast traffic. A CGMP/IGMP-capable IP multicast router sees all IGMP packets and can use CGMP, IGMP snooping...
..., refer to the Catalyst 4500 Series, Catalyst 2948G, and Catalyst 2980G Switches Command Reference. Note For complete syntax and usage information for the commands used in IEEE 802.1p. Switches can inform the switch when specific hosts join or leave IP multicast groups. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 15-1 This chapter consists of IP multicast traffic. A CGMP/IGMP-capable IP multicast router sees all IGMP packets and can use CGMP, IGMP snooping...
Software Guide
Page 300
... added to CAM table. Console> (enable) set cam {static | permanent} multicast_mac CAM table. Console> (enable) show multicast group CGMP enabled IGMP disabled 15-16 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Configured Console> (enable) Configuring Multicast Groups To configure a multicast group manually, perform this task in privileged mode: Step 1 Step 2 Task Command Add one or more multicast MAC addresses to CAM table. show multicast router [mod_num/port_num] [vlan_id] This example shows how to...
... added to CAM table. Console> (enable) set cam {static | permanent} multicast_mac CAM table. Console> (enable) show multicast group CGMP enabled IGMP disabled 15-16 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Configured Console> (enable) Configuring Multicast Groups To configure a multicast group manually, perform this task in privileged mode: Step 1 Step 2 Task Command Add one or more multicast MAC addresses to CAM table. show multicast router [mod_num/port_num] [vlan_id] This example shows how to...
Software Guide
Page 301
...mode: Task Disable a specific manually configured multicast router port. Console> (enable) Filtering IGMP Traffic Internet Group Management Protocol (IGMP) filtering allows an administrator to disable a multicast group entry from the CAM table: Console> (enable) clear cam 01-11-22-33-44-55 1 CAM entry cleared. Disable all VLANs that are available to disable a manually configured multicast router port entry: Console> (enable) clear multicast router 2/12 Port 2/12 cleared from the CAM table. Chapter 15 Configuring Multicast Services Filtering IGMP Traffic VLAN ---1 1 1 1 Dest MAC...
...mode: Task Disable a specific manually configured multicast router port. Console> (enable) Filtering IGMP Traffic Internet Group Management Protocol (IGMP) filtering allows an administrator to disable a multicast group entry from the CAM table: Console> (enable) clear cam 01-11-22-33-44-55 1 CAM entry cleared. Disable all VLANs that are available to disable a manually configured multicast router port entry: Console> (enable) clear multicast router 2/12 Port 2/12 cleared from the CAM table. Chapter 15 Configuring Multicast Services Filtering IGMP Traffic VLAN ---1 1 1 1 Dest MAC...
Software Guide
Page 378
... set snmp access-list 2 172.20.60.7 mask 255.255.255.0 Access number 2 has been updated with existing IP Address 172.20.60.7 mask 255.255.255.0 Console> (enable) This example shows how to display the SNMP configuration: Console> (enable) show snmp access-list Access-Number IP-Addresses/IP-Mask 1 172.20.60.100/255.0.0.0 1.1.1.1/- 2 172.20.60.7/- 2.2.2.2/- 3 2.2.2.2/155.0.0.0 4 1.1.1.1/2.1.2.4 2.2.2.2/- 2.2.2.5/- show snmp access-list These examples show snmp ifalias [ifIndex] 24-10 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide...
... set snmp access-list 2 172.20.60.7 mask 255.255.255.0 Access number 2 has been updated with existing IP Address 172.20.60.7 mask 255.255.255.0 Console> (enable) This example shows how to display the SNMP configuration: Console> (enable) show snmp access-list Access-Number IP-Addresses/IP-Mask 1 172.20.60.100/255.0.0.0 1.1.1.1/- 2 172.20.60.7/- 2.2.2.2/- 3 2.2.2.2/155.0.0.0 4 1.1.1.1/2.1.2.4 2.2.2.2/- 2.2.2.5/- show snmp access-list These examples show snmp ifalias [ifIndex] 24-10 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide...
Software Guide
Page 382
...-all) 24-14 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 set snmp engineid engineid name for a group with a certain security model in different security levels. To configure SNMPv3 from the command-line interface (CLI), perform this task in the target address table. set snmp view [-hex] {viewname} {subtree} [mask] [included | excluded] [volatile | nonvolatile] Set the access rights for the local SNMP engine. set snmp user [-hex] {username} [remote {engineid}] [{authentication [md5...
...-all) 24-14 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 set snmp engineid engineid name for a group with a certain security model in different security levels. To configure SNMPv3 from the command-line interface (CLI), perform this task in the target address table. set snmp view [-hex] {viewname} {subtree} [mask] [included | excluded] [volatile | nonvolatile] Set the access rights for the local SNMP engine. set snmp user [-hex] {username} [remote {engineid}] [{authentication [md5...
Software Guide
Page 423
... damage your switch. • If you set your switch to accommodate the chassis and inline power requirements when a system boots. The total power available is installed, your switch, the switch uses the power supply in power supply bay 1 (PS1) and ignores the power supply in a Catalyst 4500 series switch are less than the maximum available power for the chassis and inline power for each power supply. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release...
... damage your switch. • If you set your switch to accommodate the chassis and inline power requirements when a system boots. The total power available is installed, your switch, the switch uses the power supply in power supply bay 1 (PS1) and ignores the power supply in a Catalyst 4500 series switch are less than the maximum available power for the chassis and inline power for each power supply. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release...
Software Guide
Page 446
... console connections and RADIUS authentication for accessing enable mode.) The configurable range is allowed only a specific number of the station in the syslog and in during that station during the lockout time and provides an appropriate notice. If the user fails to authorize the password, the system delays any subsequent access from the CLI and SNMP with the set authentication login attempt command. (You would use the set authentication enable attempt command to set...
... console connections and RADIUS authentication for accessing enable mode.) The configurable range is allowed only a specific number of the station in the syslog and in during that station during the lockout time and provides an appropriate notice. If the user fails to authorize the password, the system delays any subsequent access from the CLI and SNMP with the set authentication login attempt command. (You would use the set authentication enable attempt command to set...
Software Guide
Page 457
... password: Password changed . To set the login password on a switch with no password configured), enter your new password, and reenter your new password. You must reset the password after installing software release 5.4 or a later release to activate case sensitivity. Command set enablepass This example shows how to set the enable password for local authentication, perform this task in privileged mode: Task Set the password for access. Enter your old password (press set password Return on the switch: Console> (enable) set the enable password on a switch...
... password: Password changed . To set the login password on a switch with no password configured), enter your new password, and reenter your new password. You must reset the password after installing software release 5.4 or a later release to activate case sensitivity. Command set enablepass This example shows how to set the enable password for local authentication, perform this task in privileged mode: Task Set the password for access. Enter your old password (press set password Return on the switch: Console> (enable) set the enable password on a switch...
Software Guide
Page 459
... 15 Console> (enable) 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 30-15 The login password is null for your new password. Enter privileged mode using the enable command. Configuring Local User Authentication The following sections describe how to the switch through a Telnet connection. At the "Enter Password" prompt, press Return. Local user accounts must be fewer than 65 characters in privileged mode: Task Step 1 Create a new local user account...
... 15 Console> (enable) 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 30-15 The login password is null for your new password. Enter privileged mode using the enable command. Configuring Local User Authentication The following sections describe how to the switch through a Telnet connection. At the "Enter Password" prompt, press Return. Local user accounts must be fewer than 65 characters in privileged mode: Task Step 1 Create a new local user account...
Software Guide
Page 480
... 30 Configuring Switch Access Using AAA As an additional layer of authentication for that network service. clear kerberos credentials forward 30-36 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Command set kerberos credentials forward set kerberos clients mandatory This example shows how to configure clients to forward user credentials and verify the configuration: Console> (enable) set kerberos credentials forward Kerberos credentials forwarding enabled Console> (enable) show kerberos Kerberos Local Realm:CISCO.COM...
... 30 Configuring Switch Access Using AAA As an additional layer of authentication for that network service. clear kerberos credentials forward 30-36 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Command set kerberos credentials forward set kerberos clients mandatory This example shows how to configure clients to forward user credentials and verify the configuration: Console> (enable) set kerberos credentials forward Kerberos credentials forwarding enabled Console> (enable) show kerberos Kerberos Local Realm:CISCO.COM...
Software Guide
Page 527
...-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 33-3 Sample TFTP Download Procedures To see a step-by cisco Systems, Inc. Console> (enable) set boot system flash device:filename prepend command, so that show version 1 Mod Port Model Serial # Versions 1 0 WS-X4012 JAB03130104 Hw : 1.5 Gsp: 6.1(1.4) Nmp: 6.1(0.104) Console> (enable) copy tftp flash IP address or name of remote host []? 172.20.52.3 Name of file to copy to copy from Console// System Bootstrap, Version 3.1(2) Copyright (c) 1994...
...-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 33-3 Sample TFTP Download Procedures To see a step-by cisco Systems, Inc. Console> (enable) set boot system flash device:filename prepend command, so that show version 1 Mod Port Model Serial # Versions 1 0 WS-X4012 JAB03130104 Hw : 1.5 Gsp: 6.1(1.4) Nmp: 6.1(0.104) Console> (enable) copy tftp flash IP address or name of remote host []? 172.20.52.3 Name of file to copy to copy from Console// System Bootstrap, Version 3.1(2) Copyright (c) 1994...