User Guide
Page 1
... 4-port Cisco HWIC-4ESW and the 9-port Cisco HWIC-D-9ESW EtherSwitch high-speed WAN interface cards (HWICs) hardware feature supported on a switch is routed through the router platform. Use Cisco Feature Navigator to another Cisco EtherSwitch HWIC or EtherSwitch network module in the same system. For the latest feature information and caveats, see the "Feature Information for the Cisco HWIC-4ESW and the Cisco HWIC-D-9ESW EtherSwitch Cards" section on a Cisco EtherSwitch HWIC may...
... 4-port Cisco HWIC-4ESW and the 9-port Cisco HWIC-D-9ESW EtherSwitch high-speed WAN interface cards (HWICs) hardware feature supported on a switch is routed through the router platform. Use Cisco Feature Navigator to another Cisco EtherSwitch HWIC or EtherSwitch network module in the same system. For the latest feature information and caveats, see the "Feature Information for the Cisco HWIC-4ESW and the Cisco HWIC-D-9ESW EtherSwitch Cards" section on a Cisco EtherSwitch HWIC may...
User Guide
Page 2
... information about the Cisco EtherSwitch HWICs. • Prerequisites for EtherSwitch HWICs, page 2 • Restrictions for EtherSwitch HWICs, page 2 • Information About EtherSwitch HWICs, page 3 • How to Configure EtherSwitch HWICs, page 5 • Configuration Examples for EtherSwitch HWICs, page 91 • Additional References, page 102 Prerequisites for EtherSwitch HWICs The following restrictions apply to the Cisco HWIC-4ESW and the Cisco HWIC-D-9ESW EtherSwitch HWICs: • No more than two Ethernet Switch HWICs or network...
... information about the Cisco EtherSwitch HWICs. • Prerequisites for EtherSwitch HWICs, page 2 • Restrictions for EtherSwitch HWICs, page 2 • Information About EtherSwitch HWICs, page 3 • How to Configure EtherSwitch HWICs, page 5 • Configuration Examples for EtherSwitch HWICs, page 91 • Additional References, page 102 Prerequisites for EtherSwitch HWICs The following restrictions apply to the Cisco HWIC-4ESW and the Cisco HWIC-D-9ESW EtherSwitch HWICs: • No more than two Ethernet Switch HWICs or network...
User Guide
Page 3
...-Port Ethernet Switch Module for the optional Gigabit Ethernet expansion board ports must be configured. Note Without this configuration and connection, duplications will occur in a single chassis. For information about VLANs, see the 16- Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Prerequisites for Installing Two Ethernet Switch Network Modules in a Single Chassis Prerequisites for Installing Two Ethernet Switch...
...-Port Ethernet Switch Module for the optional Gigabit Ethernet expansion board ports must be configured. Note Without this configuration and connection, duplications will occur in a single chassis. For information about VLANs, see the 16- Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Prerequisites for Installing Two Ethernet Switch Network Modules in a Single Chassis Prerequisites for Installing Two Ethernet Switch...
User Guide
Page 4
... About EtherSwitch HWICs Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Inline Power for Cisco IP Phones For conceptual information about storm control, see the "Storm Control" section of the EtherSwitch Network Module. 4 Layer 2 Ethernet Switching For conceptual information about Layer 2 Ethernet switching, see the "Layer 2 Ethernet Switching" section of the EtherSwitch Network Module. 802.1x Authentication For conceptual information about a switched port analyzer...
... About EtherSwitch HWICs Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Inline Power for Cisco IP Phones For conceptual information about storm control, see the "Storm Control" section of the EtherSwitch Network Module. 4 Layer 2 Ethernet Switching For conceptual information about Layer 2 Ethernet switching, see the "Layer 2 Ethernet Switching" section of the EtherSwitch Network Module. 802.1x Authentication For conceptual information about a switched port analyzer...
User Guide
Page 5
... authentication process). The port transmits and receives normal traffic without 802.1x-based authentication of times that the switch should wait for a response to an EAP request/identity frame from the client before retransmitting the request). 2 times (number of the client. Disabled. 5 Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Information About EtherSwitch HWICs Intrachassis Stacking For conceptual...
... authentication process). The port transmits and receives normal traffic without 802.1x-based authentication of times that the switch should wait for a response to an EAP request/identity frame from the client before retransmitting the request). 2 times (number of the client. Disabled. 5 Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Information About EtherSwitch HWICs Intrachassis Stacking For conceptual...
User Guide
Page 6
... Spanning Tree, page 30 • Configuring MAC Table Manipulation, page 39 • Configuring Cisco Discovery Protocol, page 41 • Configuring the Switched Port Analyzer (SPAN), page 44 • Configuring Power Management on a SPAN source port. How to Configure EtherSwitch HWICs Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Table 1 Default 802.1x Configuration (continued) Feature Client timeout period Authentication server...
... Spanning Tree, page 30 • Configuring MAC Table Manipulation, page 39 • Configuring Cisco Discovery Protocol, page 41 • Configuring the Switched Port Analyzer (SPAN), page 44 • Configuring Power Management on a SPAN source port. How to Configure EtherSwitch HWICs Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Table 1 Default 802.1x Configuration (continued) Feature Client timeout period Authentication server...
User Guide
Page 15
... string 15 enable 2. interface fastethernet interface-id 4. SUMMARY STEPS 1. You cannot change the duplex mode of an interface to help you set the port speed to Configure EtherSwitch HWICs SUMMARY STEPS 1. configure terminal 3. Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to auto on a 10/100-Mbps Ethernet interface, both speed and duplex are automatically negotiated.
... string 15 enable 2. interface fastethernet interface-id 4. SUMMARY STEPS 1. You cannot change the duplex mode of an interface to help you set the port speed to Configure EtherSwitch HWICs SUMMARY STEPS 1. configure terminal 3. Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to auto on a 10/100-Mbps Ethernet interface, both speed and duplex are automatically negotiated.
User Guide
Page 18
...Interface as Layer 2 Access Follow these steps below to prevent traffic flow until configuration is set to Configure EtherSwitch HWICs Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Note Ports do not support Dynamic Trunk Protocol (DTP). no shutdown 8. Configures the interface as Layer 2 access....a mode that will not send DTP. configure terminal 3. Enters global configuration mode. SUMMARY STEPS 1. Ensure that the neighboring switch is complete. end DETAILED STEPS Command or Action Step 1 enable Step 2 Example: Router> enable configure terminal Purpose Enables ...
...Interface as Layer 2 Access Follow these steps below to prevent traffic flow until configuration is set to Configure EtherSwitch HWICs Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Note Ports do not support Dynamic Trunk Protocol (DTP). no shutdown 8. Configures the interface as Layer 2 access....a mode that will not send DTP. configure terminal 3. Enters global configuration mode. SUMMARY STEPS 1. Ensure that the neighboring switch is complete. end DETAILED STEPS Command or Action Step 1 enable Step 2 Example: Router> enable configure terminal Purpose Enables ...
User Guide
Page 19
...Switch-to-Client Frame-Retransmission Number, page 26 • Enabling Multiple Hosts, page 27 • Resetting the 802.1x Configuration to the Default Values, page 28 • Displaying 802.1x Statistics and Status, page 29 Enabling 802.1x Authentication To enable 802.1x port... to authenticate a user. If authentication fails at any point in the method list. configure terminal 19 Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 6 Command or Action switchport access vlan vlan-number Step 7 Example: Router(config-if)# switchport ...
...Switch-to-Client Frame-Retransmission Number, page 26 • Enabling Multiple Hosts, page 27 • Resetting the 802.1x Configuration to the Default Values, page 28 • Displaying 802.1x Statistics and Status, page 29 Enabling 802.1x Authentication To enable 802.1x port... to authenticate a user. If authentication fails at any point in the method list. configure terminal 19 Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Step 6 Command or Action switchport access vlan vlan-number Step 7 Example: Router(config-if)# switchport ...
User Guide
Page 20
...ports see the "802.1x Configuration Guidelines" section on page 19. Enters global configuration mode. Example: Router(config-if)# end 20 interface interface-type interface-number 5. The client is automatically authenticated without the switch using the information supplied by the methods that are to be enabled for authentication. - Returns to Configure EtherSwitch HWICs Cisco HWIC-4ESW and HWIC...-D-9ESW EtherSwitch ...
...ports see the "802.1x Configuration Guidelines" section on page 19. Enters global configuration mode. Example: Router(config-if)# end 20 interface interface-type interface-number 5. The client is automatically authenticated without the switch using the information supplied by the methods that are to be enabled for authentication. - Returns to Configure EtherSwitch HWICs Cisco HWIC-4ESW and HWIC...-D-9ESW EtherSwitch ...
User Guide
Page 21
...8226; Enter your entries. This procedure is required. configure terminal 3. show dot1x copy running -config startup-config Configuring the Switch-to-RADIUS-Server Communication RADIUS security servers are tried in the configuration file. Follow these steps to configure the RADIUS server ... by their host name or IP address, host name and specific UDP port numbers, or IP address and specific UDP port numbers. Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Command or Action Step 7 show dot1x Purpose Verifies your password if prompted...
...8226; Enter your entries. This procedure is required. configure terminal 3. show dot1x copy running -config startup-config Configuring the Switch-to-RADIUS-Server Communication RADIUS security servers are tried in the configuration file. Follow these steps to configure the RADIUS server ... by their host name or IP address, host name and specific UDP port numbers, or IP address and specific UDP port numbers. Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Command or Action Step 7 show dot1x Purpose Verifies your password if prompted...
User Guide
Page 22
..., repeat this command. How to Configure EtherSwitch HWICs Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Step 3 Command or Action radius-server host {hostname | ip-address} auth-port port-number key string Example: Router(config)# radius-server host hostseven auth-port 75 key newauthority75 Step 4 end Purpose Configures the RADIUS server parameters on the switch. • For hostname | ip-address...
..., repeat this command. How to Configure EtherSwitch HWICs Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Step 3 Command or Action radius-server host {hostname | ip-address} auth-port port-number key string Example: Router(config)# radius-server host hostseven auth-port 75 key newauthority75 Step 4 end Purpose Configures the RADIUS server parameters on the switch. • For hostname | ip-address...
User Guide
Page 23
...: Router(config)# end 23 dot1x timeout re-authperiod seconds Sets the number of seconds between reauthentication attempts. Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to 4294967295; dot1x re-authentication 4. dot1x timeout re-authperiod seconds 5. show dot1x 7. copy... 4 Step 5 Example: Router# configure terminal dot1x re-authentication Enables periodic reauthentication of the switch only if periodic reauthentication is enabled end Returns to individual ports. If you do not specify a time period before enabling reauthentication, the number of seconds...
...: Router(config)# end 23 dot1x timeout re-authperiod seconds Sets the number of seconds between reauthentication attempts. Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to 4294967295; dot1x re-authentication 4. dot1x timeout re-authperiod seconds 5. show dot1x 7. copy... 4 Step 5 Example: Router# configure terminal dot1x re-authentication Enables periodic reauthentication of the switch only if periodic reauthentication is enabled end Returns to individual ports. If you do not specify a time period before enabling reauthentication, the number of seconds...
User Guide
Page 27
... interface interface-type interface-number 4. Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to the network. Returns to auto. Follow these steps below to allow multiple hosts (clients) on an 802.1x-authorized port that the switch sends an EAP-request/identity frame ...config Enabling Multiple Hosts You can attach multiple hosts to be successfully authorized for all attached clients are denied access to Configure EtherSwitch HWICs DETAILED STEPS Command or Action Step 1 enable Step 2 Example: Router> enable configure terminal Purpose Enables privileged EXEC mode....
... interface interface-type interface-number 4. Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to the network. Returns to auto. Follow these steps below to allow multiple hosts (clients) on an 802.1x-authorized port that the switch sends an EAP-request/identity frame ...config Enabling Multiple Hosts You can attach multiple hosts to be successfully authorized for all attached clients are denied access to Configure EtherSwitch HWICs DETAILED STEPS Command or Action Step 1 enable Step 2 Example: Router> enable configure terminal Purpose Enables privileged EXEC mode....
User Guide
Page 28
... sure that the dot1x port-control interface configuration command is set to privileged EXEC mode. Returns to auto for the specified interface. Step 7 Example: Router# show dot1x Verifies your entries in the configuration file. Follow these steps to reset the 802.1x configuration to Configure EtherSwitch HWICs Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards 7. How to...
... sure that the dot1x port-control interface configuration command is set to privileged EXEC mode. Returns to auto for the specified interface. Step 7 Example: Router# show dot1x Verifies your entries in the configuration file. Follow these steps to reset the 802.1x configuration to Configure EtherSwitch HWICs Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards 7. How to...
User Guide
Page 29
...-config Displaying 802.1x Statistics and Status To display 802.1x statistics for the switch, use the show dot1x statistics privileged EXEC command. To display the 802.1x... Router> enable configure terminal Purpose Enables privileged EXEC mode. • Enter your entries. Returns to Configure EtherSwitch HWICs 5. Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to privileged EXEC mode. Step 3 Example: Router# configure terminal dot1x default Step 4 ... Tree, page 30 • Configuring Spanning Tree Port Priority, page 31 29 Step 6 Example: Router# show dot1x 6.
...-config Displaying 802.1x Statistics and Status To display 802.1x statistics for the switch, use the show dot1x statistics privileged EXEC command. To display the 802.1x... Router> enable configure terminal Purpose Enables privileged EXEC mode. • Enter your entries. Returns to Configure EtherSwitch HWICs 5. Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to privileged EXEC mode. Step 3 Example: Router# configure terminal dot1x default Step 4 ... Tree, page 30 • Configuring Spanning Tree Port Priority, page 31 29 Step 6 Example: Router# show dot1x 6.
User Guide
Page 30
...vlan 200 Verifies spanning tree configuration. • Enter the VLAN number. 30 end 5. Returns to Configure EtherSwitch HWICs Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards • Configuring Spanning Tree Port Cost, page 32 • Configuring the Bridge Priority of spanning tree for a VLAN, page 36 ...vlan-id Step 4 Example: Router(config)# spanning-tree vlan 200 end Enables spanning tree on which you disable spanning tree). The switch maintains a separate instance of a VLAN, page 34 • Configuring Hello Time, page 35 • Configuring the Forward-Delay ...
...vlan 200 Verifies spanning tree configuration. • Enter the VLAN number. 30 end 5. Returns to Configure EtherSwitch HWICs Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards • Configuring Spanning Tree Port Cost, page 32 • Configuring the Bridge Priority of spanning tree for a VLAN, page 36 ...vlan-id Step 4 Example: Router(config)# spanning-tree vlan 200 end Enables spanning tree on which you disable spanning tree). The switch maintains a separate instance of a VLAN, page 34 • Configuring Hello Time, page 35 • Configuring the Forward-Delay ...
User Guide
Page 31
... be from 4 to 252 in increments of 4. • Use the no form of an interface. Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Configuring Spanning Tree Port Priority Follow the steps below to configure the spanning tree port priority of this command to restore the defaults. enable 2. show spanning-tree interface DETAILED STEPS...
... be from 4 to 252 in increments of 4. • Use the no form of an interface. Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to Configure EtherSwitch HWICs Configuring Spanning Tree Port Priority Follow the steps below to configure the spanning tree port priority of this command to restore the defaults. enable 2. show spanning-tree interface DETAILED STEPS...
User Guide
Page 32
... cost values are two classes of values. configure terminal 3. How to Configure EtherSwitch HWICs Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Command or Action Step 6 end Purpose Returns to 65535. Assigning Short Port Cost Values You can manually assign port costs in Table 2. Table 2 Port Speed 10 Mbps 100 Mbps Default Cost Values Default Cost Value 100 19...
... cost values are two classes of values. configure terminal 3. How to Configure EtherSwitch HWICs Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards Command or Action Step 6 end Purpose Returns to 65535. Assigning Short Port Cost Values You can manually assign port costs in Table 2. Table 2 Port Speed 10 Mbps 100 Mbps Default Cost Values Default Cost Value 100 19...
User Guide
Page 33
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to configure, and enters interface configuration mode. • Enter the interface number. end 7. Step 7 Example: Router(config)# end show spanning-tree interface ... from 1 to 65,535. • Use the no form of this command to 65,535 in the configuration file. spanning-tree vlan vlan-id cost port-cost 6. Example: Router# show spanning-tree interface DETAILED STEPS Command or Action Step 1 enable Step 2 Example: Router> enable configure terminal Purpose Enables privileged EXEC mode...
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards How to configure, and enters interface configuration mode. • Enter the interface number. end 7. Step 7 Example: Router(config)# end show spanning-tree interface ... from 1 to 65,535. • Use the no form of this command to 65,535 in the configuration file. spanning-tree vlan vlan-id cost port-cost 6. Example: Router# show spanning-tree interface DETAILED STEPS Command or Action Step 1 enable Step 2 Example: Router> enable configure terminal Purpose Enables privileged EXEC mode...
