Software Configuration Guide
Page 7
... Groups 7-12 Automatic Recovery of Cluster Configuration 7-14 IP Addresses 7-14 Host Names 7-15 Passwords 7-15 SNMP Community Strings 7-15 TACACS+ and RADIUS 7-16 Access Modes in CMS 7-16 Management VLAN 7-16 LRE Profiles 7-17 Availability of Switch-Specific Features in Switch Clusters 7-17 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide vii
... Groups 7-12 Automatic Recovery of Cluster Configuration 7-14 IP Addresses 7-14 Host Names 7-15 Passwords 7-15 SNMP Community Strings 7-15 TACACS+ and RADIUS 7-16 Access Modes in CMS 7-16 Management VLAN 7-16 LRE Profiles 7-17 Availability of Switch-Specific Features in Switch Clusters 7-17 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide vii
Software Configuration Guide
Page 9
...Switch-Based Authentication 9-1 Preventing Unauthorized Access to Your Switch 9-1 Protecting Access to Privileged EXEC Commands 9-2 Default Password and Privilege Level Configuration 9-2 Setting or Changing a Static Enable Password 9-3 Protecting Enable and Enable Secret Passwords with Encryption 9-4 Disabling Password Recovery 9-5 Setting a Telnet Password for a Terminal Line 9-6 Configuring Username and Password... 9-17 Controlling Switch Access with RADIUS 9-18 Understanding RADIUS 9-18 RADIUS Operation 9-19 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide ix
...Switch-Based Authentication 9-1 Preventing Unauthorized Access to Your Switch 9-1 Protecting Access to Privileged EXEC Commands 9-2 Default Password and Privilege Level Configuration 9-2 Setting or Changing a Static Enable Password 9-3 Protecting Enable and Enable Secret Passwords with Encryption 9-4 Disabling Password Recovery 9-5 Setting a Telnet Password for a Terminal Line 9-6 Configuring Username and Password... 9-17 Controlling Switch Access with RADIUS 9-18 Understanding RADIUS 9-18 RADIUS Operation 9-19 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide ix
Software Configuration Guide
Page 17
...Options 18-7 VTP Configuration in Global Configuration Mode 18-7 VTP Configuration in VLAN Configuration Mode 18-7 VTP Configuration Guidelines 18-8 Domain Names 18-8 Passwords 18-8 Upgrading from Previous Software Releases 18-8 VTP Version 18-9 Configuration Requirements 18-9 Configuring a VTP Server 18-9 Configuring a VTP Client 18... VTP (VTP Transparent Mode) 18-12 Enabling VTP Version 2 18-13 Enabling VTP Pruning 18-14 Adding a VTP Client Switch to a VTP Domain 18-14 Monitoring VTP 18-16 Contents 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide xvii
...Options 18-7 VTP Configuration in Global Configuration Mode 18-7 VTP Configuration in VLAN Configuration Mode 18-7 VTP Configuration Guidelines 18-8 Domain Names 18-8 Passwords 18-8 Upgrading from Previous Software Releases 18-8 VTP Version 18-9 Configuration Requirements 18-9 Configuring a VTP Server 18-9 Configuring a VTP Client 18... VTP (VTP Transparent Mode) 18-12 Enabling VTP Version 2 18-13 Enabling VTP Pruning 18-14 Adding a VTP Client Switch to a VTP Domain 18-14 Monitoring VTP 18-16 Contents 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide xvii
Software Configuration Guide
Page 25
... 32-2 Recovering from Lost or Forgotten Passwords on Non-LRE Catalyst 2950 Switches 32-2 Recovering from Lost or Forgotten Passwords on Catalyst 2950 LRE Switches 32-4 Password Recovery with Password Recovery Enabled 32-5 Procedure with Password Recovery Disabled 32-6 Recovering from Lost or Forgotten Passwords on Catalyst 2955 Switches 32-8 Recovering from a Command Switch Failure 32-10 Replacing a Failed Command Switch with a Cluster Member 32-11...
... 32-2 Recovering from Lost or Forgotten Passwords on Non-LRE Catalyst 2950 Switches 32-2 Recovering from Lost or Forgotten Passwords on Catalyst 2950 LRE Switches 32-4 Password Recovery with Password Recovery Enabled 32-5 Procedure with Password Recovery Disabled 32-6 Recovering from Lost or Forgotten Passwords on Catalyst 2955 Switches 32-8 Recovering from a Command Switch Failure 32-10 Replacing a Failed Command Switch with a Cluster Member 32-11...
Software Configuration Guide
Page 29
...switch IP information and passwords by using the browser setup program described in the switch hardware installation guide. • Cluster Management Suite (CMS) information-This guide provides an overview of Ethernet and local area networking. The Catalyst 2955 and Catalyst 2950 Long-Reach Ethernet (LRE) switches are described in Chapter 3, "Configuring Catalyst 2955 Switch... on your switch. The Catalyst 2955 switch also supports an additional set of features, including access control lists (ACLs), enhanced quality of switches that have experience working with the Cisco IOS and...
...switch IP information and passwords by using the browser setup program described in the switch hardware installation guide. • Cluster Management Suite (CMS) information-This guide provides an overview of Ethernet and local area networking. The Catalyst 2955 and Catalyst 2950 Long-Reach Ethernet (LRE) switches are described in Chapter 3, "Configuring Catalyst 2955 Switch... on your switch. The Catalyst 2955 switch also supports an additional set of features, including access control lists (ACLs), enhanced quality of switches that have experience working with the Cisco IOS and...
Software Configuration Guide
Page 30
...these conventions and symbols: Note Means reader take note. In this release and to install your switch. It does not provide detailed information about the standard Cisco IOS Release 12.1 commands, refer to the command reference for this situation, you enter is in...such as passwords or tabs, are in this release. On the Cisco Product Documentation home page, select Release 12.1 from the Cisco.com home page at Service and Support > Technical Documents. Interactive examples use these commands. Caution Means reader be careful. Catalyst 2950 and Catalyst 2955 Switch Software ...
...these conventions and symbols: Note Means reader take note. In this release and to install your switch. It does not provide detailed information about the standard Cisco IOS Release 12.1 commands, refer to the command reference for this situation, you enter is in...such as passwords or tabs, are in this release. On the Cisco Product Documentation home page, select Release 12.1 from the Cisco.com home page at Service and Support > Technical Documents. Interactive examples use these commands. Caution Means reader be careful. Catalyst 2950 and Catalyst 2955 Switch Software ...
Software Configuration Guide
Page 33
... is not resolved using the recommended resources, your business operations. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide xxxiii If your issue is little or no effect on the Cisco Technical Support Website requires a Cisco.com user ID and password. If you have a valid service contract but most business operations remain functional. Severity...
... is not resolved using the recommended resources, your business operations. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide xxxiii If your issue is little or no effect on the Cisco Technical Support Website requires a Cisco.com user ID and password. If you have a valid service contract but most business operations remain functional. Severity...
Software Configuration Guide
Page 36
...Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 1-2 78-11380-10 Table 1-2 LRE Switch and CPE Compatibility Matrix LRE Devices Catalyst 2950ST-8 LRE switch Cisco 575 LRE Yes CPE Cisco 576 LRE 997 No CPE Cisco 585 LRE Yes CPE Catalyst 2950ST-24 LRE switch Yes Catalyst 2950ST-24 LRE 997 switch... Switch clustering technology used with basic IP information, contact information, switch and Telnet passwords, and Simple Network Management Protocol (SNMP) information through a browser-based program • User-defined Smartports macros for creating custom switch ...
...Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 1-2 78-11380-10 Table 1-2 LRE Switch and CPE Compatibility Matrix LRE Devices Catalyst 2950ST-8 LRE switch Cisco 575 LRE Yes CPE Cisco 576 LRE 997 No CPE Cisco 585 LRE Yes CPE Catalyst 2950ST-24 LRE switch Yes Catalyst 2950ST-24 LRE 997 switch... Switch clustering technology used with basic IP information, contact information, switch and Telnet passwords, and Simple Network Management Protocol (SNMP) information through a browser-based program • User-defined Smartports macros for creating custom switch ...
Software Configuration Guide
Page 39
... and bandwidth Note The Catalyst 2950-12, Catalyst 2950-24, Catalyst 2950SX-24, Catalyst 2950SX-48-SI, and Catalyst 2950T-48-SI switches support only 64 port-based VLANs. • The switch supports up to 4094 ...Protected port option for restricting the forwarding of traffic to designated ports on the same switch • Password-protected access (read-only and read-write access) to management interfaces (CMS and CLI...1 to be used • Voice VLAN for creating subnets for voice traffic from Cisco IP Phones • VLAN 1 minimization to reduce the risk of trunking encapsulation (802.1Q...
... and bandwidth Note The Catalyst 2950-12, Catalyst 2950-24, Catalyst 2950SX-24, Catalyst 2950SX-48-SI, and Catalyst 2950T-48-SI switches support only 64 port-based VLANs. • The switch supports up to 4094 ...Protected port option for restricting the forwarding of traffic to designated ports on the same switch • Password-protected access (read-only and read-write access) to management interfaces (CMS and CLI...1 to be used • Voice VLAN for creating subnets for voice traffic from Cisco IP Phones • VLAN 1 minimization to reduce the risk of trunking encapsulation (802.1Q...
Software Configuration Guide
Page 57
...the CLI, page 2-9 Cisco IOS Command Modes The user interface is divided into many different modes. For example, most of show the current configuration status, and clear commands, which mode you start at the system prompt to configure your Catalyst 2950 and Catalyst 2955 switches. To have access to... and line), you can enter any privileged EXEC command or enter global configuration mode. Normally, you must enter a password to you depend on the switch, you must enter privileged EXEC mode. The commands available to enter privileged EXEC mode. To access the various configuration modes...
...the CLI, page 2-9 Cisco IOS Command Modes The user interface is divided into many different modes. For example, most of show the current configuration status, and clear commands, which mode you start at the system prompt to configure your Catalyst 2950 and Catalyst 2955 switches. To have access to... and line), you can enter any privileged EXEC command or enter global configuration mode. Normally, you must enter a password to you depend on the switch, you must enter privileged EXEC mode. The commands available to enter privileged EXEC mode. To access the various configuration modes...
Software Configuration Guide
Page 58
...mode, enter the configure command. Switch(vlan)# Exit Method About This Mode Enter logout or quit. Use a password to protect access to privileged EXEC...privileged EXEC mode, enter the vlan database command. Switch(config-vlan)# While in the switch startup configuration file. Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 2-2 78-11380-10 Enter disable ...VLAN configuration Access Method Prompt Begin a session with Switch> your switch. To exit to global configuration mode, enter the exit command. Cisco IOS Command Modes Chapter 2 Using the Command-Line ...
...mode, enter the configure command. Switch(vlan)# Exit Method About This Mode Enter logout or quit. Use a password to protect access to privileged EXEC...privileged EXEC mode, enter the vlan database command. Switch(config-vlan)# While in the switch startup configuration file. Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 2-2 78-11380-10 Enter disable ...VLAN configuration Access Method Prompt Begin a session with Switch> your switch. To exit to global configuration mode, enter the exit command. Cisco IOS Command Modes Chapter 2 Using the Command-Line ...
Software Configuration Guide
Page 65
... of the keywords begin | include | exclude} regular-expression Expressions are case sensitive. The switch must have an enable secret password configured. The switch supports up to see the "Setting a Telnet Password for Secure Shell" section on the management station. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 2-9 Changes made by either • Connecting the...
... of the keywords begin | include | exclude} regular-expression Expressions are case sensitive. The switch must have an enable secret password configured. The switch supports up to see the "Setting a Telnet Password for Secure Shell" section on the management station. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 2-9 Changes made by either • Connecting the...
Software Configuration Guide
Page 66
... plug-in configurations) and have assigned IP information and a Telnet password to end the browser session. 2-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 78-11380-10 HTML access to the command line interface from a web browser, follow these pages, including the Cisco Systems Access page. Note Copies of the supported browsers. Enter the...
... plug-in configurations) and have assigned IP information and a Telnet password to end the browser session. 2-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 78-11380-10 HTML access to the command line interface from a web browser, follow these pages, including the Cisco Systems Access page. Note Copies of the supported browsers. Enter the...
Software Configuration Guide
Page 87
...are examples of how CMS can have a mix of switch models using the enable password (or no password) for access to the switch, you have not configured a specific (nondefault) HTTP port and are not the same as Switch Manager. Cisco IOS Release 12.1(6)EA1 or earlier - Note If you ... CLI commands that CMS in earlier Cisco IOS releases and on different switch platforms might look and function differently from a standard web browser. Cisco IOS Release 12.2(18)SE or later • CMS on page 4-10. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 4-9 This is ...
...are examples of how CMS can have a mix of switch models using the enable password (or no password) for access to the switch, you have not configured a specific (nondefault) HTTP port and are not the same as Switch Manager. Cisco IOS Release 12.1(6)EA1 or earlier - Note If you ... CLI commands that CMS in earlier Cisco IOS releases and on different switch platforms might look and function differently from a standard web browser. Cisco IOS Release 12.2(18)SE or later • CMS on page 4-10. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 4-9 This is ...
Software Configuration Guide
Page 88
... default method of authentication you have configured the HTTP server interface, display the switch home page, as defined on the Cisco router or access server, is used. • tacacs-TACACS server is configured) in the password field. 4-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 78-11380-10 Beginning in the browser Location or Address...
... default method of authentication you have configured the HTTP server interface, display the switch home page, as defined on the Cisco router or access server, is used. • tacacs-TACACS server is configured) in the password field. 4-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 78-11380-10 Beginning in the browser Location or Address...
Software Configuration Guide
Page 95
.... • Performs power-on the Catalyst 2950 Long-Reach Ethernet (LRE) switches. The normal boot process involves the...Catalyst 2950 or Catalyst 2955 switch by using a variety of the switch. It tests the CPU DRAM and the portion of the flash device that makes up the flash file system. • Initializes the flash file system on the switch, and setting up the initial configuration (IP address, subnet mask, default gateway, secret and Telnet passwords... the switch. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 5-1 CH A P T E R 5 Assigning the Switch IP ...
.... • Performs power-on the Catalyst 2950 Long-Reach Ethernet (LRE) switches. The normal boot process involves the...Catalyst 2950 or Catalyst 2955 switch by using a variety of the switch. It tests the CPU DRAM and the portion of the flash device that makes up the flash file system. • Initializes the flash file system on the switch, and setting up the initial configuration (IP address, subnet mask, default gateway, secret and Telnet passwords... the switch. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 5-1 CH A P T E R 5 Assigning the Switch IP ...
Software Configuration Guide
Page 96
... not support Express Setup. Otherwise, use one of assigning a Telnet password (to provide security during remote management) and enabling Simple Network Management Protocol (SNMP). Non-LRE Catalyst 2950 switches running a release prior to Cisco IOS Release 12.1(14)EA1 and Catalyst 2950 LRE switches running a release prior to Cisco IOS Release 12.1(19)EA1 do not support Express Setup...
... not support Express Setup. Otherwise, use one of assigning a Telnet password (to provide security during remote management) and enabling Simple Network Management Protocol (SNMP). Non-LRE Catalyst 2950 switches running a release prior to Cisco IOS Release 12.1(14)EA1 and Catalyst 2950 LRE switches running a release prior to Cisco IOS Release 12.1(19)EA1 do not support Express Setup...
Software Configuration Guide
Page 97
...IP Information, page 5-10 Default Switch Information Table 5-1 shows the default switch information. No password is automatically configured at startup with IP address information and a configuration file. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 5-3 During DHCP-based autoconfiguration, your switch. Use a DHCP server for centralized...and internetworking devices. No default gateway is defined. No cluster name is defined. No password is built on Catalyst 2955 switches. Disabled. DHCP is defined. The switch can act as a standalone...
...IP Information, page 5-10 Default Switch Information Table 5-1 shows the default switch information. No password is automatically configured at startup with IP address information and a configuration file. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 5-3 During DHCP-based autoconfiguration, your switch. Use a DHCP server for centralized...and internetworking devices. No default gateway is defined. No cluster name is defined. No password is built on Catalyst 2955 switches. Disabled. DHCP is defined. The switch can act as a standalone...
Software Configuration Guide
Page 130
..." section on page 7-14 and "Passwords" section on standby cluster command switches. Understanding Switch Clusters Chapter 7 Clustering Switches • If a non-LRE Catalyst 2950 standby command switch is running a release earlier than Cisco IOS Release 12.1(9)EA1, it is connected to the command switch and to the command switch through its own IP address and password (for their management VLANs. To...
..." section on page 7-14 and "Passwords" section on standby cluster command switches. Understanding Switch Clusters Chapter 7 Clustering Switches • If a non-LRE Catalyst 2950 standby command switch is running a release earlier than Cisco IOS Release 12.1(9)EA1, it is connected to the command switch and to the command switch through its own IP address and password (for their management VLANs. To...
Software Configuration Guide
Page 131
...Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 7-5 Access should understand before you create the cluster: • Automatic Discovery of Cluster Candidates and Members, page 7-5 • HSRP and Standby Command Switches, page 7-11 • IP Addresses, page 7-14 • Host Names, page 7-15 • Passwords... to limit access to discover member switches, candidate switches, neighboring switch clusters, and edge devices in configurations. Automatic Discovery of Cluster Candidates and Members The command switch uses Cisco Discovery Protocol (CDP) to specific hosts...
...Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 7-5 Access should understand before you create the cluster: • Automatic Discovery of Cluster Candidates and Members, page 7-5 • HSRP and Standby Command Switches, page 7-11 • IP Addresses, page 7-14 • Host Names, page 7-15 • Passwords... to limit access to discover member switches, candidate switches, neighboring switch clusters, and edge devices in configurations. Automatic Discovery of Cluster Candidates and Members The command switch uses Cisco Discovery Protocol (CDP) to specific hosts...