Software Guide
Page 24
...) snooping, and GARP Multicast Registration Protocol (GMRP) on the switch. Using Switch TopN Reports Describes how to generate switch TopN reports on the switch. Configuring RMON Describes how to configure Remote Monitoring (RMON) on Ethernet, Fast Ethernet, and Gigabit Ethernet ports. Configuring Protocol Filtering Describes how to configure protocol filtering on the switch. Configuring GVRP Describes how to configure GARP VLAN Registration Protocol (GVRP) on the switch. xxiv Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide...
...) snooping, and GARP Multicast Registration Protocol (GMRP) on the switch. Using Switch TopN Reports Describes how to generate switch TopN reports on the switch. Configuring RMON Describes how to configure Remote Monitoring (RMON) on Ethernet, Fast Ethernet, and Gigabit Ethernet ports. Configuring Protocol Filtering Describes how to configure protocol filtering on the switch. Configuring GVRP Describes how to configure GARP VLAN Registration Protocol (GVRP) on the switch. xxiv Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide...
Software Guide
Page 29
... is a critical impact to this URL: http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 xxix Cisco TAC Website The Cisco TAC website provides online documents and tools to your business operations. To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to your business operations...
... is a critical impact to this URL: http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 xxix Cisco TAC Website The Cisco TAC website provides online documents and tools to your business operations. To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to your business operations...
Software Guide
Page 36
... commands to display the current configuration and to a specific module, port, or VLAN. Accessing the Switch CLI You can use set and clear commands. Accessing the Switch CLI Chapter 2 Using the Command-Line Interface The Catalyst enterprise LAN switches are multi-module systems. Commands you enter from the CLI might apply to the entire system or to monitor the switch. You configure the switch using the appropriate application or commands on a UNIX system). Console Enter password: After you successfully connect to the hardware documentation for example, using a terminal...
... commands to display the current configuration and to a specific module, port, or VLAN. Accessing the Switch CLI You can use set and clear commands. Accessing the Switch CLI Chapter 2 Using the Command-Line Interface The Catalyst enterprise LAN switches are multi-module systems. Commands you enter from the CLI might apply to the entire system or to monitor the switch. You configure the switch using the appropriate application or commands on a UNIX system). Console Enter password: After you successfully connect to the hardware documentation for example, using a terminal...
Software Guide
Page 37
...; Normal (also called login or user mode) • Privileged (also called enable mode) Both modes are password protected. Chapter 2 Using the Command-Line Interface Accessing the Switch CLI Accessing the CLI Through Telnet Before you can open a Telnet session to the switch, you can use normal-mode commands to monitor the switch or enter privileged mode to change the system configuration. Switch CLI Command Modes The switch CLI supports two modes of the switch. (You must first set the IP address (and in order to use DNS host names.
...; Normal (also called login or user mode) • Privileged (also called enable mode) Both modes are password protected. Chapter 2 Using the Command-Line Interface Accessing the Switch CLI Accessing the CLI Through Telnet Before you can open a Telnet session to the switch, you can use normal-mode commands to monitor the switch or enter privileged mode to change the system configuration. Switch CLI Command Modes The switch CLI supports two modes of the switch. (You must first set the IP address (and in order to use DNS host names.
Software Guide
Page 38
Accessing Help Chapter 2 Using the Command-Line Interface To enter normal command mode, follow these steps: Step 1 Step 2 From normal mode, enter the enable command. On a new switch, the normal-mode password is null. Otherwise, enter the normal-mode password for more information, see these steps: Step 1 Step 2 Step 3 Connect to the switch CLI through the console port or using the wrong number of valid keywords and arguments for example, commands that modify the configuration) can...
Accessing Help Chapter 2 Using the Command-Line Interface To enter normal command mode, follow these steps: Step 1 Step 2 From normal mode, enter the enable command. On a new switch, the normal-mode password is null. Otherwise, enter the normal-mode password for more information, see these steps: Step 1 Step 2 Step 3 Connect to the switch CLI through the console port or using the wrong number of valid keywords and arguments for example, commands that modify the configuration) can...
Software Guide
Page 52
... the switch. Use Telnet to access the switch, enter privileged mode, and enter the slip detach command to the switch CLI through the console port. Command telnet {host_name | ip_addr} enable set ip route default 10.1.1.1 Route added. Configuring the SLIP (sl0) Interface on the Console Port Chapter 3 Configuring the Switch IP Address and Default Gateway default 10.1.1.10 0x0 G 0 sc0 10.0.0.0 10.1.1.100 0xff000000 U 75 sc0 default default 0xff000000 UH 0 sl0 Console> (enable) This example shows how to configure two default gateways on a Catalyst 4500 series, Catalyst...
... the switch. Use Telnet to access the switch, enter privileged mode, and enter the slip detach command to the switch CLI through the console port. Command telnet {host_name | ip_addr} enable set ip route default 10.1.1.1 Route added. Configuring the SLIP (sl0) Interface on the Console Port Chapter 3 Configuring the Switch IP Address and Default Gateway default 10.1.1.10 0x0 G 0 sc0 10.0.0.0 10.1.1.100 0xff000000 U 75 sc0 default default 0xff000000 UH 0 sl0 Console> (enable) This example shows how to configure two default gateways on a Catalyst 4500 series, Catalyst...
Software Guide
Page 54
set correctly. reset system When the switch reboots, confirm that other IP parameters according to the contents of these tasks in the DHCP, BOOTP, or RARP - show ip route This example shows the switch broadcasting a DHCP request, receiving a DHCP offer, and configuring the IP address and other options (such as the default gateway address) are set interface sc0 dhcp release 3-10 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Renewing...
set correctly. reset system When the switch reboots, confirm that other IP parameters according to the contents of these tasks in the DHCP, BOOTP, or RARP - show ip route This example shows the switch broadcasting a DHCP request, receiving a DHCP offer, and configuring the IP address and other options (such as the default gateway address) are set interface sc0 dhcp release 3-10 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Renewing...
Software Guide
Page 78
... removed a 1-port channel from spanning tree and then added it contains only one port in an EtherChannel is preserved even if it to LACP-configured EtherChannels). Configuring ports in an EtherChannel in different trunk modes can adversely affect switch performance. • Ports with the set port channel command. • Do not configure the ports in an EtherChannel as an individual port. Note With software release 6.3(1) and later releases, a PAgP-configured EtherChannel is used . Catalyst 4500 Series, Catalyst...
... removed a 1-port channel from spanning tree and then added it contains only one port in an EtherChannel is preserved even if it to LACP-configured EtherChannels). Configuring ports in an EtherChannel in different trunk modes can adversely affect switch performance. • Ports with the set port channel command. • Do not configure the ports in an EtherChannel as an individual port. Note With software release 6.3(1) and later releases, a PAgP-configured EtherChannel is used . Catalyst 4500 Series, Catalyst...
Software Guide
Page 260
... server specification: Console> (enable) set vmps server 192.0.0.1 primary 192.0.0.1 added to VMPS table as primary domain server. To configure VMPS client switches, perform this task in privileged mode: Step 1 Step 2 Step 3 Step 4 Step 5 Task Command Specify the IP address for ports 2/1. set to off for the backup VMPS server(s). Trunk mode set port membership mod_num/port_num dynamic Verify the dynamic port assignments. show port Port Name Status Vlan Level Duplex Speed 1/1 connect trunk normal full 100 1/2 connect trunk normal half 100 2/1 connect...
... server specification: Console> (enable) set vmps server 192.0.0.1 primary 192.0.0.1 added to VMPS table as primary domain server. To configure VMPS client switches, perform this task in privileged mode: Step 1 Step 2 Step 3 Step 4 Step 5 Task Command Specify the IP address for ports 2/1. set to off for the backup VMPS server(s). Trunk mode set port membership mod_num/port_num dynamic Verify the dynamic port assignments. show port Port Name Status Vlan Level Duplex Speed 1/1 connect trunk normal full 100 1/2 connect trunk normal half 100 2/1 connect...
Software Guide
Page 285
... commands used in IEEE 802.1p. Switches can inform the switch when specific hosts join or leave IP multicast groups. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 15-1 A CGMP/IGMP-capable IP multicast router sees all IGMP packets and can use CGMP, IGMP snooping, or GMRP to dynamically configure switch ports so that IP multicast traffic is described in this chapter, refer to the Catalyst 4500 Series, Catalyst 2948G, and Catalyst 2980G Switches Command Reference. GMRP is forwarded...
... commands used in IEEE 802.1p. Switches can inform the switch when specific hosts join or leave IP multicast groups. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 15-1 A CGMP/IGMP-capable IP multicast router sees all IGMP packets and can use CGMP, IGMP snooping, or GMRP to dynamically configure switch ports so that IP multicast traffic is described in this chapter, refer to the Catalyst 4500 Series, Catalyst 2948G, and Catalyst 2980G Switches Command Reference. GMRP is forwarded...
Software Guide
Page 300
...33-44 2/6-12 Static multicast entry added to multicast router port list. Console> (enable) show multicast router CGMP enabled IGMP disabled Port --------- 2/1 2/2 3/1 * Vlan 99 255 1 Total Number of Entries = 4 '*' - Configuring Multicast Router Ports and Group Entries Chapter 15 Configuring Multicast Services Specifying Multicast Router Ports When you can manually specify multicast router ports. Console> (enable) show multicast group CGMP enabled IGMP disabled 15-16 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486...
...33-44 2/6-12 Static multicast entry added to multicast router port list. Console> (enable) show multicast router CGMP enabled IGMP disabled Port --------- 2/1 2/2 3/1 * Vlan 99 255 1 Total Number of Entries = 4 '*' - Configuring Multicast Router Ports and Group Entries Chapter 15 Configuring Multicast Services Specifying Multicast Router Ports When you can manually specify multicast router ports. Console> (enable) show multicast group CGMP enabled IGMP disabled 15-16 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486...
Software Guide
Page 301
... CAM table. Console> (enable) Filtering IGMP Traffic Internet Group Management Protocol (IGMP) filtering allows an administrator to all VLANs that are associated with a filtering and monitoring action. Console> (enable) Disabling Multicast Group Entries To disable manually configured multicast group entries, perform this task in privileged mode: Task Disable a specific manually configured multicast router port. Command clear multicast router mod_num/port_num clear multicast router all manually configured multicast router ports. These actions apply to IGMP packets, are configured...
... CAM table. Console> (enable) Filtering IGMP Traffic Internet Group Management Protocol (IGMP) filtering allows an administrator to all VLANs that are associated with a filtering and monitoring action. Console> (enable) Disabling Multicast Group Entries To disable manually configured multicast group entries, perform this task in privileged mode: Task Disable a specific manually configured multicast router port. Command clear multicast router mod_num/port_num clear multicast router all manually configured multicast router ports. These actions apply to IGMP packets, are configured...
Software Guide
Page 378
...access numbers from the CLI Chapter 24 Configuring SNMP Console> (enable) set snmp access-list 2 172.20.60.7 Access number 2 has been updated with new IP Address 172.20.60.7 Console> (enable) set snmp ifalias {ifIndex} [ifAlias] show snmp ifalias [ifIndex] 24-10 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Command set snmp access-list 2 172.20.60.7 mask 255.255.255.0 Access number 2 has been updated with access-number 101 have been cleared. show snmp access-list These examples show snmp access-list Access-Number...
...access numbers from the CLI Chapter 24 Configuring SNMP Console> (enable) set snmp access-list 2 172.20.60.7 Access number 2 has been updated with new IP Address 172.20.60.7 Console> (enable) set snmp ifalias {ifIndex} [ifAlias] show snmp ifalias [ifIndex] 24-10 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Command set snmp access-list 2 172.20.60.7 mask 255.255.255.0 Access number 2 has been updated with access-number 101 have been cleared. show snmp access-list These examples show snmp access-list Access-Number...
Software Guide
Page 382
... target addresses for a group with a certain security model in privileged mode: Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Step 9 Task Command Set the SNMP-Server EngineID set snmp group [-hex] {groupname} user [-hex] {username} {security-model v1 | v2 | v3} [volatile | nonvolatile] Configure the community table for the local SNMP engine. Configure the MIB views. For detailed information on page 24-17). To configure SNMPv3 from the command-line interface (CLI), perform...
... target addresses for a group with a certain security model in privileged mode: Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Step 9 Task Command Set the SNMP-Server EngineID set snmp group [-hex] {groupname} user [-hex] {username} {security-model v1 | v2 | v3} [volatile | nonvolatile] Configure the community table for the local SNMP engine. Configure the MIB views. For detailed information on page 24-17). To configure SNMPv3 from the command-line interface (CLI), perform...
Software Guide
Page 423
... each power supply. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 28-3 Combined Mode Guidelines This section describes the guidelines for using redundant mode in the Catalyst 4500 series switches: • By default, the power supplies in a Catalyst 4500 series switch are brought up first, followed by powered devices. • See Table 28-1 on page 28-4 for a list of the maximum available power for chassis and inline power for each power supply...
... each power supply. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 28-3 Combined Mode Guidelines This section describes the guidelines for using redundant mode in the Catalyst 4500 series switches: • By default, the power supplies in a Catalyst 4500 series switch are brought up first, followed by powered devices. • See Table 28-1 on page 28-4 for a list of the maximum available power for chassis and inline power for each power supply...
Software Guide
Page 446
... fail. 30-2 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 For example, you can enable local authentication and one or more of attempts to successfully log in the SNMP trap. All authentication methods (RADIUS, TACACS+, Kerberos, or local) are locked out from the CLI and SNMP with the set authentication login attempt command. (You would use local authentication for console connections and RADIUS authentication for accessing enable mode.) The configurable...
... fail. 30-2 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 For example, you can enable local authentication and one or more of attempts to successfully log in the SNMP trap. All authentication methods (RADIUS, TACACS+, Kerberos, or local) are locked out from the CLI and SNMP with the set authentication login attempt command. (You would use local authentication for console connections and RADIUS authentication for accessing enable mode.) The configurable...
Software Guide
Page 457
... to the user mode CLI. To set in privileged mode: Task Set the password for access. Note Passwords that are set password Return on the switch: Console> (enable) set password Enter old password:old_password Enter new password:new_password Retype new password:new_password Password changed . Console> (enable) 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 30-13 Chapter 30 Configuring Switch Access Using AAA Configuring Authentication Setting the Login Password The login password controls access to...
... to the user mode CLI. To set in privileged mode: Task Set the password for access. Note Passwords that are set password Return on the switch: Console> (enable) set password Enter old password:old_password Enter new password:new_password Retype new password:new_password Password changed . Console> (enable) 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 30-13 Chapter 30 Configuring Switch Access Using AAA Configuring Authentication Setting the Login Password The login password controls access to...
Software Guide
Page 459
... characters. To create a local user account on the switch. Step 2 Verify the local user account. picard 15 Console> (enable) 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 30-15 Enter the reset system command to the console port. Chapter 30 Configuring Switch Access Using AAA Configuring Authentication Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Connect to the switch through a Telnet connection. The enable password is null for your new password. At the...
... characters. To create a local user account on the switch. Step 2 Verify the local user account. picard 15 Console> (enable) 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 30-15 Enter the reset system command to the console port. Chapter 30 Configuring Switch Access Using AAA Configuring Authentication Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Connect to the switch through a Telnet connection. The enable password is null for your new password. At the...
Software Guide
Page 480
... Configuring Switch Access Using AAA As an additional layer of authentication for that network service. To configure clients to forward user credentials as they connect to it, these users can configure the switch so that Kerberos clients are mandatory for a password. For example, Telnet prompts for users to authenticate to other network services: Console> (enable) set kerberos clients mandatory Kerberos clients set to None Kerberos config key: Kerberos SRVTAB Entries Srvtab Entry 1:host/aspen-niners.cisco.edu@CISCO...
... Configuring Switch Access Using AAA As an additional layer of authentication for that network service. To configure clients to forward user credentials as they connect to it, these users can configure the switch so that Kerberos clients are mandatory for a password. For example, Telnet prompts for users to authenticate to other network services: Console> (enable) set kerberos clients mandatory Kerberos clients set to None Kerberos config key: Kerberos SRVTAB Entries Srvtab Entry 1:host/aspen-niners.cisco.edu@CISCO...
Software Guide
Page 527
... boots when you reset the switch. Sample TFTP Download Procedures To see a step-by cisco Systems, Inc. Console> (enable) set boot system flash device:filename prepend command, so that show complete TFTP download procedures for downloading a supervisor engine software image from a TFTP server, see the "Sample TFTP Download Procedures" section on device bootflash, proceed (y/n) [n]? When the switch reboots, enter the show version 1 Mod Port Model Serial # Versions 1 0 WS-X4012 JAB03130104 Hw : 1.5 Gsp: 6.1(1.4) Nmp: 6.1(0.104) Console> (enable) copy tftp flash IP address...
... boots when you reset the switch. Sample TFTP Download Procedures To see a step-by cisco Systems, Inc. Console> (enable) set boot system flash device:filename prepend command, so that show complete TFTP download procedures for downloading a supervisor engine software image from a TFTP server, see the "Sample TFTP Download Procedures" section on device bootflash, proceed (y/n) [n]? When the switch reboots, enter the show version 1 Mod Port Model Serial # Versions 1 0 WS-X4012 JAB03130104 Hw : 1.5 Gsp: 6.1(1.4) Nmp: 6.1(0.104) Console> (enable) copy tftp flash IP address...