Configuration Guide
Page 11
...9-46 Configuring the Secure HTTP Client 9-47 Displaying Secure HTTP Server and Client Status 9-48 Configuring the Switch for Secure Copy Protocol 9-48 Information About Secure Copy 9-49 Configuring IEEE 802.1x Port-Based Authentication 10-1 Understanding ...10-17 Using IEEE 802.1x Authentication with Wake-on-LAN 10-18 Using IEEE 802.1x Authentication with MAC Authentication Bypass 10-18 Using Network Admission Control Layer 2 IEEE 802.1x Validation 10-19 Using ...and Inaccessible Authentication Bypass 10-24 MAC Authentication Bypass 10-25 Catalyst 3750 Switch Software Configuration Guide xi
...9-46 Configuring the Secure HTTP Client 9-47 Displaying Secure HTTP Server and Client Status 9-48 Configuring the Switch for Secure Copy Protocol 9-48 Information About Secure Copy 9-49 Configuring IEEE 802.1x Port-Based Authentication 10-1 Understanding ...10-17 Using IEEE 802.1x Authentication with Wake-on-LAN 10-18 Using IEEE 802.1x Authentication with MAC Authentication Bypass 10-18 Using Network Admission Control Layer 2 IEEE 802.1x Validation 10-19 Using ...and Inaccessible Authentication Bypass 10-24 MAC Authentication Bypass 10-25 Catalyst 3750 Switch Software Configuration Guide xi
Configuration Guide
Page 36
Contents 41 C H A P T E R 42 C H A P T E R Controlling Route Exchanges 40-47 Limiting the Number of DVMRP Routes Advertised 40-47 Changing the DVMRP Route Threshold 40-47 Configuring a DVMRP Summary Address 40-48 Disabling DVMRP Autosummarization 40-50 Adding a Metric Offset to the DVMRP Route 40-50 Monitoring and Maintaining IP Multicast Routing 40-51 ... and Maintaining MSDP 41-19 Configuring Fallback Bridging 42-1 Understanding Fallback Bridging 42-1 Fallback Bridging Overview 42-1 Fallback Bridging and Switch Stacks 42-3 xxxvi Catalyst 3750 Switch Software Configuration Guide OL-8550-02
Contents 41 C H A P T E R 42 C H A P T E R Controlling Route Exchanges 40-47 Limiting the Number of DVMRP Routes Advertised 40-47 Changing the DVMRP Route Threshold 40-47 Configuring a DVMRP Summary Address 40-48 Disabling DVMRP Autosummarization 40-50 Adding a Metric Offset to the DVMRP Route 40-50 Monitoring and Maintaining IP Multicast Routing 40-51 ... and Maintaining MSDP 41-19 Configuring Fallback Bridging 42-1 Understanding Fallback Bridging 42-1 Fallback Bridging Overview 42-1 Fallback Bridging and Switch Stacks 42-3 xxxvi Catalyst 3750 Switch Software Configuration Guide OL-8550-02
Configuration Guide
Page 131
...actual switch type is from the previously provisioned switch type, some commands are rejected, and some commands are rejected, even for a 48-port switch with Power over Ethernet (PoE), the configuration is saved, and the stack is running configuration as those described in the ...the configuration associated with the removed stack member remains in the running Cisco IOS Release 12.2(20)SE or later and you add a provisioned switch that are valid only on page 5-23. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 5-9 Chapter 5 Managing Switch Stacks Understanding ...
...actual switch type is from the previously provisioned switch type, some commands are rejected, and some commands are rejected, even for a 48-port switch with Power over Ethernet (PoE), the configuration is saved, and the stack is running configuration as those described in the ...the configuration associated with the removed stack member remains in the running Cisco IOS Release 12.2(20)SE or later and you add a provisioned switch that are valid only on page 5-23. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 5-9 Chapter 5 Managing Switch Stacks Understanding ...
Configuration Guide
Page 193
...table. Then the IP datagram is specified by the Subnetwork Access Protocol (SNAP). OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 7-27 Displays the MAC address table information for the specified MAC address....ARP encapsulation (represented by the arpa keyword) is called address resolution. For CLI procedures, see the Cisco IOS Release 12.2 documentation on the IP interface. Managing the ARP Table To communicate with the ... to the table do not age and must learn the 48-bit MAC address or the local data link address of addresses present in all VLANs or the...
...table. Then the IP datagram is specified by the Subnetwork Access Protocol (SNAP). OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 7-27 Displays the MAC address table information for the specified MAC address....ARP encapsulation (represented by the arpa keyword) is called address resolution. For CLI procedures, see the Cisco IOS Release 12.2 documentation on the IP interface. Managing the ARP Table To communicate with the ... to the table do not age and must learn the 48-bit MAC address or the local data link address of addresses present in all VLANs or the...
Configuration Guide
Page 205
... a port or line, they must enter the password specified for Secure Copy Protocol, page 9-48 Preventing Unauthorized Access to a switch stack. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 9-1 This chapter consists of these sections: • Preventing Unauthorized Access...9-2 • Controlling Switch Access with TACACS+, page 9-10 • Controlling Switch Access with RADIUS, page 9-17 • Controlling Switch Access with associated rights and privileges) to each username and password pair. These passwords are locally stored on the Catalyst 3750 switch. ...
... a port or line, they must enter the password specified for Secure Copy Protocol, page 9-48 Preventing Unauthorized Access to a switch stack. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 9-1 This chapter consists of these sections: • Preventing Unauthorized Access...9-2 • Controlling Switch Access with TACACS+, page 9-10 • Controlling Switch Access with RADIUS, page 9-17 • Controlling Switch Access with associated rights and privileges) to each username and password pair. These passwords are locally stored on the Catalyst 3750 switch. ...
Configuration Guide
Page 246
..., page 9-48 For configuration ...application. Cisco's ...http://www.cisco.com/...Cisco.com. SSL provides server authentication, encryption, and message integrity..., as well as HTTP client authentication, to as HTTPS; Configuring the Switch for Secure Socket Layer HTTP Chapter 9 Configuring Switch-Based Authentication For more information about these commands, see the "Secure Shell Commands" section in the "Other Security Features" chapter of the Cisco IOS Security Command Reference, Cisco... respond to Cisco IOS application ...: http://www.cisco.com/univercd/cc...management for Cisco IOS Release...
..., page 9-48 For configuration ...application. Cisco's ...http://www.cisco.com/...Cisco.com. SSL provides server authentication, encryption, and message integrity..., as well as HTTP client authentication, to as HTTPS; Configuring the Switch for Secure Socket Layer HTTP Chapter 9 Configuring Switch-Based Authentication For more information about these commands, see the "Secure Shell Commands" section in the "Other Security Features" chapter of the Cisco IOS Security Command Reference, Cisco... respond to Cisco IOS application ...: http://www.cisco.com/univercd/cc...management for Cisco IOS Release...
Configuration Guide
Page 252
... -config startup-config Purpose (Optional) Specify the CipherSuites (encryption algorithms) to be used for its secure transport, the router must enter the password when prompted. 9-48 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 If you cannot enter the password into the copy command. Return to work, the switch needs an...
... -config startup-config Purpose (Optional) Specify the CipherSuites (encryption algorithms) to be used for its secure transport, the router must enter the password when prompted. 9-48 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 If you cannot enter the password into the copy command. Return to work, the switch needs an...
Configuration Guide
Page 306
..., use the channel-group interface configuration command to networks. This command binds the physical and logical ports together. On a 48-port PoE switch, any 24 of the 48 10/100 or 10/100/1000 PoE ports provide 15.4 W of power, or any combination of ports provide an average... see Chapter 34, "Configuring EtherChannels and Link-State Tracking." 10-Gigabit Ethernet Interfaces The Catalyst 3750G-16TD switch has one switch port. Note The 10-Gigabit Ethernet module ports are the DTP, the Cisco Discovery Protocol (CDP), and the Port Aggregation Protocol (PAgP), which operate only on the...
..., use the channel-group interface configuration command to networks. This command binds the physical and logical ports together. On a 48-port PoE switch, any 24 of the 48 10/100 or 10/100/1000 PoE ports provide 15.4 W of power, or any combination of ports provide an average... see Chapter 34, "Configuring EtherChannels and Link-State Tracking." 10-Gigabit Ethernet Interfaces The Catalyst 3750G-16TD switch has one switch port. Note The 10-Gigabit Ethernet module ports are the DTP, the Cisco Discovery Protocol (CDP), and the Port Aggregation Protocol (PAgP), which operate only on the...
Configuration Guide
Page 313
...100 This example shows how to use the define interface-range global configuration command to receive flow-control pause frames: Switch# configure terminal Switch(config)# interface range fastethernet1/0/1 - 3 , gigabitethernet2/0/1 ...-number - For example, the command interface range gigabitethernet1/0/1 - 4 is 1 to 48 Note When you can create an interface range macro to 4094 - vlan vlan-ID ... the command prompt reappears before exiting interface-range configuration mode. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 11-13 vlan-ID, where the VLAN ID is...
...100 This example shows how to use the define interface-range global configuration command to receive flow-control pause frames: Switch# configure terminal Switch(config)# interface range fastethernet1/0/1 - 3 , gigabitethernet2/0/1 ...-number - For example, the command interface range gigabitethernet1/0/1 - 4 is 1 to 48 Note When you can create an interface range macro to 4094 - vlan vlan-ID ... the command prompt reappears before exiting interface-range configuration mode. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 11-13 vlan-ID, where the VLAN ID is...
Configuration Guide
Page 314
.... You can combine multiple interface types in the configuration file. Show the defined interface range macro configuration. (Optional) Save your entries in a macro. 11-14 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 vlan vlan-ID- Note When you use the normal configuration commands to apply the configuration to...
.... You can combine multiple interface types in the configuration file. Show the defined interface range macro configuration. (Optional) Save your entries in a macro. 11-14 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 vlan vlan-ID- Note When you use the normal configuration commands to apply the configuration to...
Configuration Guide
Page 323
...uses the IEEE class information to the powered-device IEEE classification. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 11-23 This does not apply to 15400 milliwatts...regardless of the actual amount of power needed by additional devices. Take precaution not to 48 devices. You can override the default power requirement specified by the IEEE classification. The ...Ethernet Interfaces Budgeting Power for Devices Connected to a PoE Port When Cisco powered devices are connected to PoE ports, the switch uses Cisco Discovery Protocol (CDP) to each PoE port on a switch: ...
...uses the IEEE class information to the powered-device IEEE classification. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 11-23 This does not apply to 15400 milliwatts...regardless of the actual amount of power needed by additional devices. Take precaution not to 48 devices. You can override the default power requirement specified by the IEEE classification. The ...Ethernet Interfaces Budgeting Power for Devices Connected to a PoE Port When Cisco powered devices are connected to PoE ports, the switch uses Cisco Discovery Protocol (CDP) to each PoE port on a switch: ...
Configuration Guide
Page 416
...(BPDU) filtering is automatically enabled on the interface. Set the interface as a tunnel port. Cisco Discovery Protocol (CDP) is specific to be improperly bridged across VLANs. Enter interface configuration mode ..., IP packets would be configured as an IEEE 802.1Q tunnel port. 17-6 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 This VLAN ID is automatically disabled on...; Tunnel ports do not support IP access control lists (ACLs). • Layer 3 quality of service (QoS) ACLs and other QoS features related to 48). Configuring IEEE 802.1Q Tunneling Chapter 17 ...
...(BPDU) filtering is automatically enabled on the interface. Set the interface as a tunnel port. Cisco Discovery Protocol (CDP) is specific to be improperly bridged across VLANs. Enter interface configuration mode ..., IP packets would be configured as an IEEE 802.1Q tunnel port. 17-6 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 This VLAN ID is automatically disabled on...; Tunnel ports do not support IP access control lists (ACLs). • Layer 3 quality of service (QoS) ACLs and other QoS features related to 48). Configuring IEEE 802.1Q Tunneling Chapter 17 ...
Configuration Guide
Page 423
...can try again. If no threshold configured. The interface is disabled if the configured threshold is exceeded. The default is to 48). The interface drops packets if the configured threshold is exceeded. If none is configured, the default is 300 seconds. Step ... the configuration file. Step 4 l2protocol-tunnel [cdp | stp | vtp] Enable protocol tunneling for all three Layer 2 protocols. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 17-13 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling Configuring Layer 2 Protocol Tunneling Configuring Layer 2...
...can try again. If no threshold configured. The interface is disabled if the configured threshold is exceeded. The default is to 48). The interface drops packets if the configured threshold is exceeded. If none is configured, the default is 300 seconds. Step ... the configuration file. Step 4 l2protocol-tunnel [cdp | stp | vtp] Enable protocol tunneling for all three Layer 2 protocols. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 17-13 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling Configuring Layer 2 Protocol Tunneling Configuring Layer 2...
Configuration Guide
Page 443
...-pvst to enable rapid PVST+. (Recommended for rapid-PVST+ mode only) If any port on the switch is required. The port-channel range is 1 to 48. (Recommended for rapid-PVST+ mode only) Specify that the link type for this port (local port) to a remote port through a point-to-point link and... mst to its default setting, use the no spanning-tree link-type interface configuration command. If you want to the forwarding state. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 18-15
...-pvst to enable rapid PVST+. (Recommended for rapid-PVST+ mode only) If any port on the switch is required. The port-channel range is 1 to 48. (Recommended for rapid-PVST+ mode only) Specify that the link type for this port (local port) to a remote port through a point-to-point link and... mst to its default setting, use the no spanning-tree link-type interface configuration command. If you want to the forwarding state. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 18-15
Configuration Guide
Page 447
...the range is 0 to configure, and enter interface configuration mode. All other values are rejected. the default is 128. Valid values are 0, 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, and 240. Chapter 18 Configuring STP Configuring Spanning-Tree Features Note If...entries in increments of an interface. This procedure is in the forwarding state. Return to put in a link-up operative state. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 18-19 The range is 1 to 4094. • For priority, the range is 0 to interfaces that you ...
...the range is 0 to configure, and enter interface configuration mode. All other values are rejected. the default is 128. Valid values are 0, 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, and 240. Chapter 18 Configuring STP Configuring Spanning-Tree Features Note If...entries in increments of an interface. This procedure is in the forwarding state. Return to put in a link-up operative state. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 18-19 The range is 1 to 4094. • For priority, the range is 0 to interfaces that you ...
Configuration Guide
Page 472
..., you must use the no spanning-tree mst instance-id port-priority interface configuration command. 19-20 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 This procedure is 1 to 48. Valid interfaces include physical ports and port-channel logical interfaces. The lower the number, the higher the...range is a member of a switch stack, you can specify a single instance, a range of instances separated by a comma. All other values are 0, 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, and 240. For more information, see the "Configuring Path Cost" section on...
..., you must use the no spanning-tree mst instance-id port-priority interface configuration command. 19-20 Catalyst 3750 Switch Software Configuration Guide OL-8550-02 This procedure is 1 to 48. Valid interfaces include physical ports and port-channel logical interfaces. The lower the number, the higher the...range is a member of a switch stack, you can specify a single instance, a range of instances separated by a comma. All other values are 0, 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, and 240. For more information, see the "Configuring Path Cost" section on...
Configuration Guide
Page 473
... an interface. Beginning in the forwarding state. Valid interfaces include physical ports and port-channel logical interfaces. the default value is 1 to 48. Otherwise, you want selected first and higher cost values that are in a link-up operative state. This procedure is 1 to 200000000;...is optional. If a loop occurs, the MSTP uses the path cost when selecting an interface to privileged EXEC mode. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 19-21 A lower path cost represents higher-speed transmission. • For instance-id, you can assign ...
... an interface. Beginning in the forwarding state. Valid interfaces include physical ports and port-channel logical interfaces. the default value is 1 to 48. Otherwise, you want selected first and higher cost values that are in a link-up operative state. This procedure is 1 to 200000000;...is optional. If a loop occurs, the MSTP uses the path cost when selecting an interface to privileged EXEC mode. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 19-21 A lower path cost represents higher-speed transmission. • For instance-id, you can assign ...
Configuration Guide
Page 477
... EXEC mode. Valid interfaces include physical ports. Return to configure, and enter interface configuration mode. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 19-25 a half-duplex port is considered to privileged EXEC mode. Beginning in STP...-tree link-type interface configuration command. Chapter 19 Configuring MSTP Configuring MSTP Features By default, the link type is controlled from the duplex mode of the interface: a full-duplex port is considered to have a point-to -point ...override the default setting of the link type and enable rapid transitions to 48.
... EXEC mode. Valid interfaces include physical ports. Return to configure, and enter interface configuration mode. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 19-25 a half-duplex port is considered to privileged EXEC mode. Beginning in STP...-tree link-type interface configuration command. Chapter 19 Configuring MSTP Configuring MSTP Features By default, the link type is controlled from the duplex mode of the interface: a full-duplex port is considered to have a point-to -point ...override the default setting of the link type and enable rapid transitions to 48.
Configuration Guide
Page 503
...Flex Links: Step 1 Step 2 Command configure terminal interface interface-id Purpose Enter global configuration mode. This example shows how to 48. Chapter 21 Configuring Flex Links and the MAC Address-Table Move Update Feature Configuring Flex Links and MAC Address-Table Move Update ... mode. Verify the configuration. (Optional) Save your entries in the switch startup configuration file. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 21-5 Return to 48. The port-channel range is 1 to configure an interface with the interface. The port-channel range is 1...
...Flex Links: Step 1 Step 2 Command configure terminal interface interface-id Purpose Enter global configuration mode. This example shows how to 48. Chapter 21 Configuring Flex Links and the MAC Address-Table Move Update Feature Configuring Flex Links and MAC Address-Table Move Update ... mode. Verify the configuration. (Optional) Save your entries in the switch startup configuration file. OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 21-5 Return to 48. The port-channel range is 1 to configure an interface with the interface. The port-channel range is 1...
Configuration Guide
Page 505
...and the switch starts forwarding traffic through the standby link. The port-channel range is used for sending the MAC address-table move updates to 48. The interface can be a physical Layer 2 interface or a port channel (logical interface). Configure a physical Layer 2 interface (or port...EXEC command. Specify the interface, and enter interface configuration mode. The MAC address-table move update transmit Switch(conf)# end OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 21-7 Configure a physical Layer 2 interface (or port channel), as part of a Flex Link pair with ...
...and the switch starts forwarding traffic through the standby link. The port-channel range is used for sending the MAC address-table move updates to 48. The interface can be a physical Layer 2 interface or a port channel (logical interface). Configure a physical Layer 2 interface (or port...EXEC command. Specify the interface, and enter interface configuration mode. The MAC address-table move update transmit Switch(conf)# end OL-8550-02 Catalyst 3750 Switch Software Configuration Guide 21-7 Configure a physical Layer 2 interface (or port channel), as part of a Flex Link pair with ...