Software Configuration Guide
Page 7
... Groups 7-12 Automatic Recovery of Cluster Configuration 7-14 IP Addresses 7-14 Host Names 7-15 Passwords 7-15 SNMP Community Strings 7-15 TACACS+ and RADIUS 7-16 Access Modes in CMS 7-16 Management VLAN 7-16 LRE Profiles 7-17 Availability of Switch-Specific Features in Switch Clusters 7-17 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide vii
... Groups 7-12 Automatic Recovery of Cluster Configuration 7-14 IP Addresses 7-14 Host Names 7-15 Passwords 7-15 SNMP Community Strings 7-15 TACACS+ and RADIUS 7-16 Access Modes in CMS 7-16 Management VLAN 7-16 LRE Profiles 7-17 Availability of Switch-Specific Features in Switch Clusters 7-17 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide vii
Software Configuration Guide
Page 9
...Switch-Based Authentication 9-1 Preventing Unauthorized Access to Your Switch 9-1 Protecting Access to Privileged EXEC Commands 9-2 Default Password and Privilege Level Configuration 9-2 Setting or Changing a Static Enable Password 9-3 Protecting Enable and Enable Secret Passwords with Encryption 9-4 Disabling Password Recovery 9-5 Setting a Telnet Password for a Terminal Line 9-6 Configuring Username and Password... 9-17 Controlling Switch Access with RADIUS 9-18 Understanding RADIUS 9-18 RADIUS Operation 9-19 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide ix
...Switch-Based Authentication 9-1 Preventing Unauthorized Access to Your Switch 9-1 Protecting Access to Privileged EXEC Commands 9-2 Default Password and Privilege Level Configuration 9-2 Setting or Changing a Static Enable Password 9-3 Protecting Enable and Enable Secret Passwords with Encryption 9-4 Disabling Password Recovery 9-5 Setting a Telnet Password for a Terminal Line 9-6 Configuring Username and Password... 9-17 Controlling Switch Access with RADIUS 9-18 Understanding RADIUS 9-18 RADIUS Operation 9-19 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide ix
Software Configuration Guide
Page 17
...Options 18-7 VTP Configuration in Global Configuration Mode 18-7 VTP Configuration in VLAN Configuration Mode 18-7 VTP Configuration Guidelines 18-8 Domain Names 18-8 Passwords 18-8 Upgrading from Previous Software Releases 18-8 VTP Version 18-9 Configuration Requirements 18-9 Configuring a VTP Server 18-9 Configuring a VTP Client 18... VTP (VTP Transparent Mode) 18-12 Enabling VTP Version 2 18-13 Enabling VTP Pruning 18-14 Adding a VTP Client Switch to a VTP Domain 18-14 Monitoring VTP 18-16 Contents 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide xvii
...Options 18-7 VTP Configuration in Global Configuration Mode 18-7 VTP Configuration in VLAN Configuration Mode 18-7 VTP Configuration Guidelines 18-8 Domain Names 18-8 Passwords 18-8 Upgrading from Previous Software Releases 18-8 VTP Version 18-9 Configuration Requirements 18-9 Configuring a VTP Server 18-9 Configuring a VTP Client 18... VTP (VTP Transparent Mode) 18-12 Enabling VTP Version 2 18-13 Enabling VTP Pruning 18-14 Adding a VTP Client Switch to a VTP Domain 18-14 Monitoring VTP 18-16 Contents 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide xvii
Software Configuration Guide
Page 25
... 32-2 Recovering from Lost or Forgotten Passwords on Non-LRE Catalyst 2950 Switches 32-2 Recovering from Lost or Forgotten Passwords on Catalyst 2950 LRE Switches 32-4 Password Recovery with Password Recovery Enabled 32-5 Procedure with Password Recovery Disabled 32-6 Recovering from Lost or Forgotten Passwords on Catalyst 2955 Switches 32-8 Recovering from a Command Switch Failure 32-10 Replacing a Failed Command Switch with a Cluster Member 32-11...
... 32-2 Recovering from Lost or Forgotten Passwords on Non-LRE Catalyst 2950 Switches 32-2 Recovering from Lost or Forgotten Passwords on Catalyst 2950 LRE Switches 32-4 Password Recovery with Password Recovery Enabled 32-5 Procedure with Password Recovery Disabled 32-6 Recovering from Lost or Forgotten Passwords on Catalyst 2955 Switches 32-8 Recovering from a Command Switch Failure 32-10 Replacing a Failed Command Switch with a Cluster Member 32-11...
Software Configuration Guide
Page 29
... guide, you should have experience working with the Cisco IOS and be familiar with other documents for information about these topics: • Requirements-This guide assumes that you have assigned switch IP information and passwords by using the CLI. The Catalyst 2955 and Catalyst 2950 Long-Reach Ethernet (LRE) switches are described in the release notes. •...
... guide, you should have experience working with the Cisco IOS and be familiar with other documents for information about these topics: • Requirements-This guide assumes that you have assigned switch IP information and passwords by using the CLI. The Catalyst 2955 and Catalyst 2950 Long-Reach Ethernet (LRE) switches are described in the release notes. •...
Software Configuration Guide
Page 30
... standard Cisco IOS Release 12.1 commands, refer to the Cisco IOS documentation set available from the Cisco IOS Software drop-down list. Caution Means reader be careful. Catalyst 2950 and Catalyst 2955 Switch Software ...Configuration Guide xxx 78-11380-10 Interactive examples use these commands. Notes, cautions, and timesavers use these conventions: • Terminal sessions and system displays are in screen font. • Information you enter is in boldface screen font. • Nonprinting characters, such as passwords...
... standard Cisco IOS Release 12.1 commands, refer to the Cisco IOS documentation set available from the Cisco IOS Software drop-down list. Caution Means reader be careful. Catalyst 2950 and Catalyst 2955 Switch Software ...Configuration Guide xxx 78-11380-10 Interactive examples use these commands. Notes, cautions, and timesavers use these conventions: • Terminal sessions and system displays are in screen font. • Information you enter is in boldface screen font. • Nonprinting characters, such as passwords...
Software Configuration Guide
Page 33
... on your business operations. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide xxxiii Severity 4 (S4)-You require information or assistance with Cisco products and technologies. Severity 1 (S1)-Your network is little or no effect on the Cisco Technical Support Website requires a Cisco.com user ID and password. If you can register at this URL...
... on your business operations. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide xxxiii Severity 4 (S4)-You require information or assistance with Cisco products and technologies. Severity 1 (S1)-Your network is little or no effect on the Cisco Technical Support Website requires a Cisco.com user ID and password. If you can register at this URL...
Software Configuration Guide
Page 36
... release. Ease of Use and Ease of Deployment • Express Setup for quickly configuring a switch for the first time with basic IP information, contact information, switch and Telnet passwords, and Simple Network Management Protocol (SNMP) information through a browser-based program • User-...EI Certain Cisco Long-Reach Ethernet (LRE) customer premises equipment (CPE) devices are not directly connected to the release notes for a list of cluster candidates that the CPE is supported by certain Catalyst 2950 LRE switches. No means that are not supported by the switch; Unified ...
... release. Ease of Use and Ease of Deployment • Express Setup for quickly configuring a switch for the first time with basic IP information, contact information, switch and Telnet passwords, and Simple Network Management Protocol (SNMP) information through a browser-based program • User-...EI Certain Cisco Long-Reach Ethernet (LRE) customer premises equipment (CPE) devices are not directly connected to the release notes for a list of cluster candidates that the CPE is supported by certain Catalyst 2950 LRE switches. No means that are not supported by the switch; Unified ...
Software Configuration Guide
Page 39
... and bandwidth Note The Catalyst 2950-12, Catalyst 2950-24, Catalyst 2950SX-24, Catalyst 2950SX-48-SI, and Catalyst 2950T-48-SI switches support only 64 port-based VLANs. • The switch supports up to 4094...Protected port option for restricting the forwarding of traffic to designated ports on the same switch • Password-protected access (read-only and read-write access) to management interfaces (CMS and...1Q trunking protocol on any individual VLAN trunk link. Root guard for voice traffic from Cisco IP Phones • VLAN 1 minimization to send and receive control protocol frames. and...
... and bandwidth Note The Catalyst 2950-12, Catalyst 2950-24, Catalyst 2950SX-24, Catalyst 2950SX-48-SI, and Catalyst 2950T-48-SI switches support only 64 port-based VLANs. • The switch supports up to 4094...Protected port option for restricting the forwarding of traffic to designated ports on the same switch • Password-protected access (read-only and read-write access) to management interfaces (CMS and...1Q trunking protocol on any individual VLAN trunk link. Root guard for voice traffic from Cisco IP Phones • VLAN 1 minimization to send and receive control protocol frames. and...
Software Configuration Guide
Page 57
... user EXEC mode. From global configuration mode, you must enter a password to all commands, you can enter interface configuration mode and line configuration mode. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 2-1 Only a limited subset of the user EXEC ...mode. To access the various configuration modes, you can make changes to configure your Catalyst 2950 and Catalyst 2955 switches. CH A P T E R 2 Using the Command-Line Interface This chapter describes the Cisco IOS command-line interface (CLI) that you must start a session on which clear...
... user EXEC mode. From global configuration mode, you must enter a password to all commands, you can enter interface configuration mode and line configuration mode. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 2-1 Only a limited subset of the user EXEC ...mode. To access the various configuration modes, you can make changes to configure your Catalyst 2950 and Catalyst 2955 switches. CH A P T E R 2 Using the Command-Line Interface This chapter describes the Cisco IOS command-line interface (CLI) that you must start a session on which clear...
Software Configuration Guide
Page 58
...mode, and how to privileged EXEC mode, enter exit or end, or press Ctrl-Z. Use this mode to the entire switch. Use this mode. Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 2-2 78-11380-10 Table 2-1 Command Mode Summary Mode User EXEC Privileged EXEC Global configuration Config-vlan VLAN...VLANs 1 to this mode to exit. Switch(vlan)# Exit Method About This Mode Enter logout or quit. Use a password to protect access to 1005 in the VLAN database. While in the switch startup configuration file. To exit to exit the mode. Cisco IOS Command Modes Chapter 2 Using the ...
...mode, and how to privileged EXEC mode, enter exit or end, or press Ctrl-Z. Use this mode to the entire switch. Use this mode. Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 2-2 78-11380-10 Table 2-1 Command Mode Summary Mode User EXEC Privileged EXEC Global configuration Config-vlan VLAN...VLANs 1 to this mode to exit. Switch(vlan)# Exit Method About This Mode Enter logout or quit. Use a password to protect access to 1005 in the VLAN database. While in the switch startup configuration file. To exit to exit the mode. Cisco IOS Command Modes Chapter 2 Using the ...
Software Configuration Guide
Page 65
... if you enter | exclude output, the lines that contain output are not displayed, but your switch must have an enable secret password configured. This example shows how to the switch console port and power on page 9-6. Chapter 2 Using the Command-Line Interface Searching and Filtering...Commands You can access the CLI, you want to search for Secure Shell" section on the management station. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 2-9 Changes made by the pipe character (|), one Telnet user are case sensitive. After you do not ...
... if you enter | exclude output, the lines that contain output are not displayed, but your switch must have an enable secret password configured. This example shows how to the switch console port and power on page 9-6. Chapter 2 Using the Command-Line Interface Searching and Filtering...Commands You can access the CLI, you want to search for Secure Shell" section on the management station. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 2-9 Changes made by the pipe character (|), one Telnet user are case sensitive. After you do not ...
Software Configuration Guide
Page 66
... the CLI from a Browser This procedure assumes that you display are saved in your browser to end the browser session. 2-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 78-11380-10 To access the CLI from a cached copy of the CMS pages that you exit the browser session...EXEC prompt appears on the management station. In the URL field, enter the IP address of the supported browsers. Enter the switch password. Note Copies of the Cisco Systems Access page. To prevent unauthorized access to CMS and the CLI, exit your browser memory cache until you have met ...
... the CLI from a Browser This procedure assumes that you display are saved in your browser to end the browser session. 2-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 78-11380-10 To access the CLI from a cached copy of the CMS pages that you exit the browser session...EXEC prompt appears on the management station. In the URL field, enter the IP address of the supported browsers. Enter the switch password. Note Copies of the Cisco Systems Access page. To prevent unauthorized access to CMS and the CLI, exit your browser memory cache until you have met ...
Software Configuration Guide
Page 87
..." section in the release notes. Cisco IOS Release 12.0(5)WC2 or earlier - Cluster management options are not available on page 4-10. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 4-9 If you have a mix of switch models using the enable password (or no password) for descriptions of authentication (the enable password) to CMS CMS uses the...
..." section in the release notes. Cisco IOS Release 12.0(5)WC2 or earlier - Cluster management options are not available on page 4-10. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 4-9 If you have a mix of switch models using the enable password (or no password) for descriptions of authentication (the enable password) to CMS CMS uses the...
Software Configuration Guide
Page 88
...13 "Topology View" section on the Cisco router or access server, is used. • tacacs-TACACS server is the new HTTP port number). If no username is configured on your switch (the default), enter only the enable password (if an enable password is the default method of authentication ...enable password), you need to configure the HTTP server interface with CMS Specifying an HTTP Port (Nondefault Configuration Only) If you change the HTTP port, you must include the new port number when you enter the IP address in the password field. 4-10 Catalyst 2950 and Catalyst 2955 Switch Software ...
...13 "Topology View" section on the Cisco router or access server, is used. • tacacs-TACACS server is the new HTTP port number). If no username is configured on your switch (the default), enter only the enable password (if an enable password is the default method of authentication ...enable password), you need to configure the HTTP server interface with CMS Specifying an HTTP Port (Nondefault Configuration Only) If you change the HTTP port, you must include the new port number when you enter the IP address in the password field. 4-10 Catalyst 2950 and Catalyst 2955 Switch Software ...
Software Configuration Guide
Page 95
...in this release and the Cisco IOS IP and IP Routing Command Reference, Release 12.1. CH A P T E R 5 Assigning the Switch IP Address and Default Gateway This chapter describes how to modify the switch startup configuration only on the Catalyst 2950 Long-Reach Ethernet (LRE) switches. It also describes how...makes up the flash file system. • Initializes the flash file system on the switch, and setting up the initial configuration (IP address, subnet mask, default gateway, secret and Telnet passwords, and so forth) of these activities: • Performs low-level CPU initialization. ...
...in this release and the Cisco IOS IP and IP Routing Command Reference, Release 12.1. CH A P T E R 5 Assigning the Switch IP Address and Default Gateway This chapter describes how to modify the switch startup configuration only on the Catalyst 2950 Long-Reach Ethernet (LRE) switches. It also describes how...makes up the flash file system. • Initializes the flash file system on the switch, and setting up the initial configuration (IP address, subnet mask, default gateway, secret and Telnet passwords, and so forth) of these activities: • Performs low-level CPU initialization. ...
Software Configuration Guide
Page 96
... Passwords on Non-LRE Catalyst 2950 Switches" section on page 32-2, the "Recovering from Lost or Forgotten Passwords on Catalyst 2950 LRE Switches" section on page 32-4, and the "Recovering from a lost or forgotten password, and finally restart the operating system. For more information. Assigning Switch Information You can assign switch information, make sure you want to be used only to Cisco...
... Passwords on Non-LRE Catalyst 2950 Switches" section on page 32-2, the "Recovering from Lost or Forgotten Passwords on Catalyst 2950 LRE Switches" section on page 32-4, and the "Recovering from a lost or forgotten password, and finally restart the operating system. For more information. Assigning Switch Information You can assign switch information, make sure you want to be used only to Cisco...
Software Configuration Guide
Page 97
...at startup with IP address information and a configuration file. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 5-3 During DHCP-based autoconfiguration, your switch (DHCP client) is Switch. This protocol consists of two components: one for delivering configuration parameters from a...CLI-based setup programs, refer to devices. Table 5-1 Default Switch Information Feature IP address and subnet mask Default gateway Enable secret password Host name Telnet password Cluster command switch functionality Cluster name Default Setting No IP address or subnet ...
...at startup with IP address information and a configuration file. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 5-3 During DHCP-based autoconfiguration, your switch (DHCP client) is Switch. This protocol consists of two components: one for delivering configuration parameters from a...CLI-based setup programs, refer to devices. Table 5-1 Default Switch Information Feature IP address and subnet mask Default gateway Enable secret password Host name Telnet password Cluster command switch functionality Cluster name Default Setting No IP address or subnet ...
Software Configuration Guide
Page 130
... or later, it is connected to the command switch through at least one common VLAN. • If a non-LRE Catalyst 2950 member or candidate switch is running a release earlier than Cisco IOS Release 12.1(9)EA1, it is connected to the command switch through its own IP address and password (for their management VLANs. Although not required, a candidate...
... or later, it is connected to the command switch through at least one common VLAN. • If a non-LRE Catalyst 2950 member or candidate switch is running a release earlier than Cisco IOS Release 12.1(9)EA1, it is connected to the command switch through its own IP address and password (for their management VLANs. Although not required, a candidate...
Software Configuration Guide
Page 131
...; Passwords, page 7-15 • SNMP Community Strings, page 7-15 • TACACS+ and RADIUS, page 7-16 • Access Modes in CMS, page 7-16 • Management VLAN, page 7-16 • LRE Profiles, page 7-17 • Availability of Switch-Specific Features in Switch Clusters, page 7-17 Refer to the release notes for the list of Catalyst switches eligible...
...; Passwords, page 7-15 • SNMP Community Strings, page 7-15 • TACACS+ and RADIUS, page 7-16 • Access Modes in CMS, page 7-16 • Management VLAN, page 7-16 • LRE Profiles, page 7-17 • Availability of Switch-Specific Features in Switch Clusters, page 7-17 Refer to the release notes for the list of Catalyst switches eligible...