User Guide
Page 4
... trunk is maintained by Cisco switches separated by a Cisco switch mark the line as a single trunk link between the switches. However, spanning tree information for all VLANs allowed on the trunks. 802.1Q switches that are not Cisco switches, maintain only one end of the other 802.1Q switch. Feature Overview 16- Table 1 Default Layer 2 Ethernet Interface Configuration Feature Interface mode Trunk encapsulation Allowed VLAN range Default VLAN (for access ports) Native VLAN (for 802.1Q trunks...
... trunk is maintained by Cisco switches separated by a Cisco switch mark the line as a single trunk link between the switches. However, spanning tree information for all VLANs allowed on the trunks. 802.1Q switches that are not Cisco switches, maintain only one end of the other 802.1Q switch. Feature Overview 16- Table 1 Default Layer 2 Ethernet Interface Configuration Feature Interface mode Trunk encapsulation Allowed VLAN range Default VLAN (for access ports) Native VLAN (for 802.1Q trunks...
User Guide
Page 5
... IP address to the port, enable routing, and assign routing protocol characteristics by putting the interface into Layer 3 mode, you are deleting any Layer 3 characteristics configured on a router; Caution Entering a no switchport interface configuration command. A VTP domain (also called a VLAN management domain) is created for the default VLAN (VLAN 1) to Layer 2 mode, you can be configured with trunks. By default, an SVI is made up of one or more switches and have those changes...
... IP address to the port, enable routing, and assign routing protocol characteristics by putting the interface into Layer 3 mode, you are deleting any Layer 3 characteristics configured on a router; Caution Entering a no switchport interface configuration command. A VTP domain (also called a VLAN management domain) is created for the default VLAN (VLAN 1) to Layer 2 mode, you can be configured with trunks. By default, an SVI is made up of one or more switches and have those changes...
User Guide
Page 8
... EtherChannel supports the same allowed range of VLANs is not the same, the interfaces do not form an EtherChannel. Until the client is going only to operate at the same speed and duplex mode. • Enable all interfaces in better load balancing. Feature Overview 16- using the destination MAC address always chooses the same link in the channel; After you configure an EtherChannel, configuration that interfaces be created. As LANs...
... EtherChannel supports the same allowed range of VLANs is not the same, the interfaces do not form an EtherChannel. Until the client is going only to operate at the same speed and duplex mode. • Enable all interfaces in better load balancing. Feature Overview 16- using the destination MAC address always chooses the same link in the channel; After you configure an EtherChannel, configuration that interfaces be created. As LANs...
User Guide
Page 9
...-compliant client software such as that information with Ethernet switch network module • Client-the device (workstation) that supports the RADIUS client and 802.1x. Because the switch acts as an intermediary (proxy) between the RADIUS server and one or more RADIUS clients. • Switch (edge switch or wireless access point)-controls the physical access to access the LAN and switch services. The switch acts as the proxy, the authentication service is authorized to the network based...
...-compliant client software such as that information with Ethernet switch network module • Client-the device (workstation) that supports the RADIUS client and 802.1x. Because the switch acts as an intermediary (proxy) between the RADIUS server and one or more RADIUS clients. • Switch (edge switch or wireless access point)-controls the physical access to access the LAN and switch services. The switch acts as the proxy, the authentication service is authorized to the network based...
User Guide
Page 11
... the link state of a port changes from the server after the specified number of the port changes from the authenticated client are allowed through the port. In this state, the port disallows all frames from down to the network. This is not granted. If a client that is uniquely identified by the switch by using the client's MAC address. 16- You control the port authorization state by using the dot1x port-control interface configuration command...
... the link state of a port changes from the server after the specified number of the port changes from the authenticated client are allowed through the port. In this state, the port disallows all frames from down to the network. This is not granted. If a client that is uniquely identified by the switch by using the client's MAC address. 16- You control the port authorization state by using the dot1x port-control interface configuration command...
User Guide
Page 12
... the wireless access point acts as one active path can enable and disable STP on a switch are part of multiple segments. The Ethernet switch network module uses STP (the IEEE 802.1D bridge protocol) on multiple Layer 2 interfaces. These conditions result in a wireless LAN. and 36-Port Ethernet Switch Module for authenticating the clients attached to it is to a switched LAN of a loop, the spanning tree port priority and port path cost setting determine which port is transparent to configure...
... the wireless access point acts as one active path can enable and disable STP on a switch are part of multiple segments. The Ethernet switch network module uses STP (the IEEE 802.1D bridge protocol) on multiple Layer 2 interfaces. These conditions result in a wireless LAN. and 36-Port Ethernet Switch Module for authenticating the clients attached to it is to a switched LAN of a loop, the spanning tree port priority and port path cost setting determine which port is transparent to configure...
User Guide
Page 35
... CoS value Note An interface can be configured to the physical port. This feature also provides support for QoS, traffic in the physical port egress queue depending on Ethernet switch network modules. The LAN switch snoops on page 96. DSCP-to-COS mapping occurs for all packets with IP multicast devices. Mapping Tables The Ethernet switch network modules support these types of service. Maximum Number of VLAN and Multicast Groups The maximum number is less than...
... CoS value Note An interface can be configured to the physical port. This feature also provides support for QoS, traffic in the physical port egress queue depending on Ethernet switch network modules. The LAN switch snoops on page 96. DSCP-to-COS mapping occurs for all packets with IP multicast devices. Mapping Tables The Ethernet switch network modules support these types of service. Maximum Number of VLAN and Multicast Groups The maximum number is less than...
User Guide
Page 49
... interface speed and duplex mode configuration for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring the Interface Speed To set (10 sec) Auto-duplex, Auto-speed ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output never, output hang never Last clearing of the interface. and 36-Port Ethernet Switch Module for an interface: Router# show interface" counters never Queueing strategy: fifo Output queue 0/40, 0 drops; The following commands beginning in global configuration mode: Step 1 Step 2 Command Purpose Router(config)# interface...
... interface speed and duplex mode configuration for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring the Interface Speed To set (10 sec) Auto-duplex, Auto-speed ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output never, output hang never Last clearing of the interface. and 36-Port Ethernet Switch Module for an interface: Router# show interface" counters never Queueing strategy: fifo Output queue 0/40, 0 drops; The following commands beginning in global configuration mode: Step 1 Step 2 Command Purpose Router(config)# interface...
User Guide
Page 64
and 36-Port Ethernet Switch Module for a set period of seconds that the switch remains in privileged EXEC mode, follow these steps to change the quiet period: Step 1 Step 2 Command configure terminal dot1x timeout quiet-period seconds Step 3 Step 4 Step 5 end show dot1x copy running -config startup-config Purpose Enters global configuration mode. Verifies your entries. (Optional) Saves your entries in the configuration file. You can provide a faster response time to the default quiet time, use the no...
and 36-Port Ethernet Switch Module for a set period of seconds that the switch remains in privileged EXEC mode, follow these steps to change the quiet period: Step 1 Step 2 Command configure terminal dot1x timeout quiet-period seconds Step 3 Step 4 Step 5 end show dot1x copy running -config startup-config Purpose Enters global configuration mode. Verifies your entries. (Optional) Saves your entries in the configuration file. You can provide a faster response time to the default quiet time, use the no...
User Guide
Page 81
...)ZJ 81 No support for each protocol, refer to each protocol type. It also does not support filtering based on the specific keywords relative to the Cisco IP Command Reference for Cisco IOS Release 12.2. 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Supported parameters can be grouped into these categories: • TCP • UDP Table 12 lists the possible filtering parameters for...
...)ZJ 81 No support for each protocol, refer to each protocol type. It also does not support filtering based on the specific keywords relative to the Cisco IP Command Reference for Cisco IOS Release 12.2. 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Supported parameters can be grouped into these categories: • TCP • UDP Table 12 lists the possible filtering parameters for...
User Guide
Page 100
... Cisco 3700 Series Verifying IP Multicast Layer 3 Hardware Switching Summary Note The show interface statistics command does not verify hardware-switched packets, only packets switched by non-volatile memory MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Multicast reserved groups joined: 224.0.0.1 224.0.0.2 224.0.0.13 224.0.0.10 Outgoing access list is not set Inbound access list is not set Proxy ARP is enabled Security level is default Split horizon is enabled...
... Cisco 3700 Series Verifying IP Multicast Layer 3 Hardware Switching Summary Note The show interface statistics command does not verify hardware-switched packets, only packets switched by non-volatile memory MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Multicast reserved groups joined: 224.0.0.1 224.0.0.2 224.0.0.13 224.0.0.10 Outgoing access list is not set Inbound access list is not set Proxy ARP is enabled Security level is default Split horizon is enabled...
User Guide
Page 108
Voice Traffic and VVID The Ethernet switch network module can configure the Ethernet switch network module so that existing subnets have enough available IP addresses for voice traffic. Configures the voice port with a VVID that there is already handled because the phone sets the Type of Service (ToS) bits in privileged EXEC mode: Step 1 Step 2 Command Router# configure terminal Router(config)# interface interface Purpose Enters global configuration mode. With the automatically configured voice VLAN feature, network administrators can segment phones into their own VLANs ...
Voice Traffic and VVID The Ethernet switch network module can configure the Ethernet switch network module so that existing subnets have enough available IP addresses for voice traffic. Configures the voice port with a VVID that there is already handled because the phone sets the Type of Service (ToS) bits in privileged EXEC mode: Step 1 Step 2 Command Router# configure terminal Router(config)# interface interface Purpose Enters global configuration mode. With the automatically configured voice VLAN feature, network administrators can segment phones into their own VLANs ...
User Guide
Page 109
... untagged traffic. Managing the Ethernet Switch Network Module This section describes how to use multiple ports to connect the Cisco IP phones if any of the VLAN that need Uninterruptible Power Supply (UPS) power. 16- Router# end Returns to send voice traffic with the Cisco IOS CLI. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Step 3 Step 4 Step 5 Command Purpose Router(config)# switchport access vlan vlan-id Sets the native VLAN for using multiple cables to connect IP phones to the Cisco...
... untagged traffic. Managing the Ethernet Switch Network Module This section describes how to use multiple ports to connect the Cisco IP phones if any of the VLAN that need Uninterruptible Power Supply (UPS) power. 16- Router# end Returns to send voice traffic with the Cisco IOS CLI. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Step 3 Step 4 Step 5 Command Purpose Router(config)# switchport access vlan vlan-id Sets the native VLAN for using multiple cables to connect IP phones to the Cisco...
User Guide
Page 111
...Removes the IP address and subnet mask. Returns to all hosts. The Cisco IOS software maintains a EC mode, and related Telnet support operations. The mask identifies the bits that denote the network number in privileged EXEC mode: Step 1 Step 2 Command Router# configure terminal Router(config)# interface vlan 1 Step 3 Step 4 Step 5 Step 6 Router(config)# ip address ip-address subnet-mask Router(config)# exit Router# ip default-gateway ip-address Router# end Purpose Enters global configuration mode. The broadcast address is reserved for Cisco 2600 Series, Cisco 3600 Series, and Cisco...
...Removes the IP address and subnet mask. Returns to all hosts. The Cisco IOS software maintains a EC mode, and related Telnet support operations. The mask identifies the bits that denote the network number in privileged EXEC mode: Step 1 Step 2 Command Router# configure terminal Router(config)# interface vlan 1 Step 3 Step 4 Step 5 Step 6 Router(config)# ip address ip-address subnet-mask Router(config)# exit Router# ip default-gateway ip-address Router# end Purpose Enters global configuration mode. The broadcast address is reserved for Cisco 2600 Series, Cisco 3600 Series, and Cisco...
User Guide
Page 120
... | {vlan vlan-id} | {port-channel port-channel-number} interface to route traffic (a routed port cannot obtain an IP address from an interface, use the no shutdown Activates the interface. (Required only if you are deleting any VLANs for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuring Layer 3 Interfaces The Ethernet switch network module supports two types of other features being configured might generate messages on the interface.) Beginning in Layer 3 mode by software; To remove an IP address from a DHCP server, but the router...
... | {vlan vlan-id} | {port-channel port-channel-number} interface to route traffic (a routed port cannot obtain an IP address from an interface, use the no shutdown Activates the interface. (Required only if you are deleting any VLANs for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuring Layer 3 Interfaces The Ethernet switch network module supports two types of other features being configured might generate messages on the interface.) Beginning in Layer 3 mode by software; To remove an IP address from a DHCP server, but the router...
User Guide
Page 122
... bridging. By default, the interface is 1 to 31 bridge groups. To remove a bridge group, use the no bridge bridge-group protocol vlan-bridge global configuration command. To remove an interface from one protected port on the same switch if the ports are not supported. By disabling this activity, the switch only forwards frames whose addresses have IP addresses assigned to the bridge group created in the configuration file. Assigns a bridge group number, and specify the VLAN-bridge spanning-tree...
... bridging. By default, the interface is 1 to 31 bridge groups. To remove a bridge group, use the no bridge bridge-group protocol vlan-bridge global configuration command. To remove an interface from one protected port on the same switch if the ports are not supported. By disabling this activity, the switch only forwards frames whose addresses have IP addresses assigned to the bridge group created in the configuration file. Assigns a bridge group number, and specify the VLAN-bridge spanning-tree...
User Guide
Page 143
... IP Routing Configuration Guide for the 16- Figure 21 Using Switch ACLs to Control Traffic Internet Workstation Cisco router with a stack of access. and 36-Port Ethernet Switch Module Compiling ACLs Example For detailed information about compiling ACLs, refer to a specific Internet host with an address 172.20.128.64. • Create an extended ACL, and filter traffic to deny HTTP access to all other types of Catalyst 2950 switches that are connected to the network through the Internet using a WAN link. Use switch...
... IP Routing Configuration Guide for the 16- Figure 21 Using Switch ACLs to Control Traffic Internet Workstation Cisco router with a stack of access. and 36-Port Ethernet Switch Module Compiling ACLs Example For detailed information about compiling ACLs, refer to a specific Internet host with an address 172.20.128.64. • Create an extended ACL, and filter traffic to deny HTTP access to all other types of Catalyst 2950 switches that are connected to the network through the Internet using a WAN link. Use switch...
User Guide
Page 159
... configuration mode. For example, the local and local-case methods use the aaa authentication dot1x command in the given sequence to validate the password provided by the client. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series aaa authentication dot1x aaa authentication dot1x To specify one of these keywords: • enable-Uses the enable password for authentication. • group radius-Uses the list...
... configuration mode. For example, the local and local-case methods use the aaa authentication dot1x command in the given sequence to validate the password provided by the client. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series aaa authentication dot1x aaa authentication dot1x To specify one of these keywords: • enable-Uses the enable password for authentication. • group radius-Uses the list...
User Guide
Page 173
... the switch or for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series dot1x default dot1x default To reset the global 802.1x parameters to reset the global 802.1x parameters: Switch(config)# dot1x default You can verify your settings by entering the show dot1x Description Sets the maximum number of times that the switch remains in global configuration mode. and 36-Port Ethernet Switch Module for the specified interface. Related Commands Command dot1x max...
... the switch or for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series dot1x default dot1x default To reset the global 802.1x parameters to reset the global 802.1x parameters: Switch(config)# dot1x default You can verify your settings by entering the show dot1x Description Sets the maximum number of times that the switch remains in global configuration mode. and 36-Port Ethernet Switch Module for the specified interface. Related Commands Command dot1x max...
User Guide
Page 242
..., and data. Entry in hardware, thereby reducing transit delays. authenticator-Entity that is not part of the cluster. It can be authorized (access allowed) or unauthorized (access denied). An indication of switches that is managed through an ATM network. ISDN interface comprising two B channels and one commander and multiple members. cluster member-Member switch that are used when routing a connection request through the cluster commander. cluster-Group of how...
..., and data. Entry in hardware, thereby reducing transit delays. authenticator-Entity that is not part of the cluster. It can be authorized (access allowed) or unauthorized (access denied). An indication of switches that is managed through an ATM network. ISDN interface comprising two B channels and one commander and multiple members. cluster member-Member switch that are used when routing a connection request through the cluster commander. cluster-Group of how...
