User Guide
Page 3
... switch uses an aging mechanism, defined by all ports connect to -point link between interfaces efficiently, the switch maintains an address table. so if an address remains inactive for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by high-bandwidth devices and a large number of seconds, it was received. In full-duplex mode, two stations can configure...
... switch uses an aging mechanism, defined by all ports connect to -point link between interfaces efficiently, the switch maintains an address table. so if an address remains inactive for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview The Ethernet switch network module solves congestion problems caused by high-bandwidth devices and a large number of seconds, it was received. In full-duplex mode, two stations can configure...
User Guide
Page 5
... be explicitly configured. A VTP domain (also called a VLAN management domain) is an access port. With VTP, you want to permit remote switch administration. SVIs are deleting any Layer 3 characteristics configured on the interface.) The number of switch ports as one interface to be associated with a particular VLAN, as duplicate VLAN names, incorrect VLAN-type specifications, and security violations. A routed port is connected. Then assign an IP address to the port, enable routing...
... be explicitly configured. A VTP domain (also called a VLAN management domain) is an access port. With VTP, you want to permit remote switch administration. SVIs are deleting any Layer 3 characteristics configured on the interface.) The number of switch ports as one interface to be associated with a particular VLAN, as duplicate VLAN names, incorrect VLAN-type specifications, and security violations. A routed port is connected. Then assign an IP address to the port, enable routing...
User Guide
Page 6
... default, the switch is in VTP server mode and is the default mode. • Client-VTP clients behave the same way as VTP servers, but the changes affect only the individual switch. The switch ignores advertisements with unique names and internal index associations. VTP maps VLANs dynamically across multiple LAN types with a different management domain name or an earlier configuration revision number. Mapping eliminates excessive device administration required from network...
... default, the switch is in VTP server mode and is the default mode. • Client-VTP clients behave the same way as VTP servers, but the changes affect only the individual switch. The switch ignores advertisements with unique names and internal index associations. VTP maps VLANs dynamically across multiple LAN types with a different management domain name or an earlier configuration revision number. Mapping eliminates excessive device administration required from network...
User Guide
Page 7
... source and destination. All interfaces in each switch in the management domain when in secure mode. • A VTP version 2-capable switch can use VTP in your network: • All switches in a VTP domain must run the same VTP version. • You must configure a password on each EtherChannel must decide whether to eight individual Ethernet links into a single logical link that selects one domain is saved in VLAN...
... source and destination. All interfaces in each switch in the management domain when in secure mode. • A VTP version 2-capable switch can use VTP in your network: • All switches in a VTP domain must run the same VTP version. • You must configure a password on each EtherChannel must decide whether to eight individual Ethernet links into a single logical link that selects one domain is saved in VLAN...
User Guide
Page 8
... restrictions to avoid configuration problems: • All Ethernet interfaces on all modules support EtherChannel (maximum of VLANs on a channel is going only to a switch port before making available any services offered by itself, make interfaces incompatible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Use the option that interfaces be created. The authentication server authenticates each client connected to a single MAC address, using source addresses or IP addresses may result...
... restrictions to avoid configuration problems: • All Ethernet interfaces on all modules support EtherChannel (maximum of VLANs on a channel is going only to a switch port before making available any services offered by itself, make interfaces incompatible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Use the option that interfaces be created. The authentication server authenticates each client connected to a single MAC address, using source addresses or IP addresses may result...
User Guide
Page 11
... a port changes from the server after the specified number of times. The switch detects the client when the port link state changes to the unauthorized state. If a client leaves or is replaced with another client, the switch changes the port link state to down , or if an EAPOL-logoff frame is not running 802.1x, the client initiates the authentication process by using the client's MAC address. Because no response is supported in...
... a port changes from the server after the specified number of times. The switch detects the client when the port link state changes to the unauthorized state. If a client leaves or is replaced with another client, the switch changes the port link state to down , or if an EAPOL-logoff frame is not running 802.1x, the client initiates the authentication process by using the client's MAC address. Because no response is supported in...
User Guide
Page 12
... network. Figure 3 Wireless LAN Example Access point Cisco router with a root switch and a loop-free path from the root to all of an interface in the network. The switches do not manually disable STP). Spanning tree forces redundant data paths into a standby (blocked) state. If a network segment in an unstable network. The spanning tree port path cost value represents media speed. and 36-Port Ethernet Switch Module for authenticating the clients...
... network. Figure 3 Wireless LAN Example Access point Cisco router with a root switch and a loop-free path from the root to all of an interface in the network. The switches do not manually disable STP). Spanning tree forces redundant data paths into a standby (blocked) state. If a network segment in an unstable network. The spanning tree port path cost value represents media speed. and 36-Port Ethernet Switch Module for authenticating the clients...
User Guide
Page 36
.../DVMRP) packets. Ethernet switch network modules support a maximum of multicast router ports through IGMP snooping are added to all VLANs. The VLAN interface is enabled, the multicast router sends out periodic IGMP general queries to the forwarding table for a multicast group address statically, your setting supersedes any IGMP membership reports from the IP multicast data stream and only forwards traffic to the forwarding table entry. Feature...
.../DVMRP) packets. Ethernet switch network modules support a maximum of multicast router ports through IGMP snooping are added to all VLANs. The VLAN interface is enabled, the multicast router sends out periodic IGMP general queries to the forwarding table for a multicast group address statically, your setting supersedes any IGMP membership reports from the IP multicast data stream and only forwards traffic to the forwarding table entry. Feature...
User Guide
Page 48
... both auto-negotiate. interface} [, {{ethernet | fastethernet} slot/interface interface}] Defines the interface-range macro and save it in global configuration mode: Step 1 Command Purpose Router(config)# define interface-range macro-name {vlan vlan-id - Mismatched settings are not supported. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 48 vlan-id} | {{ethernet | fastethernet} slot/interface - Verifying Configuration of a Range of Interfaces Step 1 Use the show running-configuration command to show...
... both auto-negotiate. interface} [, {{ethernet | fastethernet} slot/interface interface}] Defines the interface-range macro and save it in global configuration mode: Step 1 Command Purpose Router(config)# define interface-range macro-name {vlan vlan-id - Mismatched settings are not supported. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 48 vlan-id} | {{ethernet | fastethernet} slot/interface - Verifying Configuration of a Range of Interfaces Step 1 Use the show running-configuration command to show...
User Guide
Page 61
... active port of an EtherChannel, the port does not join the EtherChannel. - This process continues until the port is required. and 36-Port Ethernet Switch Module for authentication. • none-Use no other Layer 2 feature is enabled. • The 802.1x protocol is supported on Layer 2 static-access ports, but it . You can enable 802.1x on the port, you try to change the mode of all RADIUS servers...
... active port of an EtherChannel, the port does not join the EtherChannel. - This process continues until the port is required. and 36-Port Ethernet Switch Module for authentication. • none-Use no other Layer 2 feature is enabled. • The 802.1x protocol is supported on Layer 2 static-access ports, but it . You can enable 802.1x on the port, you try to change the mode of all RADIUS servers...
User Guide
Page 63
...-config copy running on a per-server basis, use spaces in the key, do not specify a time period before enabling reauthentication, the number of the key are used on the RADIUS server. Returns to the RADIUS server documentation. You can enable periodic 802.1x client reauthentication and specify how often it occurs. Enabling Periodic Reauthentication You can globally configure the timeout, retransmission, and encryption key values for clients connected to individual ports. ip-address...
...-config copy running on a per-server basis, use spaces in the key, do not specify a time period before enabling reauthentication, the number of the key are used on the RADIUS server. Returns to the RADIUS server documentation. You can enable periodic 802.1x client reauthentication and specify how often it occurs. Enabling Periodic Reauthentication You can globally configure the timeout, retransmission, and encryption key values for clients connected to individual ports. ip-address...
User Guide
Page 65
... to set the switch-to the default retransmission time, use the no dot1x max-req global configuration command. To return to -client frame-retransmission number: Step 1 Step 2 Command configure terminal dot1x max-req count Step 3 Step 4 Step 5 end show dot1x copy running -config startup-config Purpose Enters global configuration mode. Beginning in the configuration file. the default is 1 to an EAP-request/identity frame from the client before restarting the authentication process. Cisco...
... to set the switch-to the default retransmission time, use the no dot1x max-req global configuration command. To return to -client frame-retransmission number: Step 1 Step 2 Command configure terminal dot1x max-req count Step 3 Step 4 Step 5 end show dot1x copy running -config startup-config Purpose Enters global configuration mode. Beginning in the configuration file. the default is 1 to an EAP-request/identity frame from the client before restarting the authentication process. Cisco...
User Guide
Page 66
...-Port Ethernet Switch Module for a specific interface, use the show dot1x interface interface-id copy running -config startup-config Purpose Enters global configuration mode. Verifies your entries. (Optional) Saves your entries in the configuration file. To display the 802.1x administrative and operational status for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Enabling Multiple Hosts You can reset the 802.1x configuration to privileged EXEC mode. Configuration Tasks 16- Allows multiple hosts (clients...
...-Port Ethernet Switch Module for a specific interface, use the show dot1x interface interface-id copy running -config startup-config Purpose Enters global configuration mode. Verifies your entries. (Optional) Saves your entries in the configuration file. To display the 802.1x administrative and operational status for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Enabling Multiple Hosts You can reset the 802.1x configuration to privileged EXEC mode. Configuration Tasks 16- Allows multiple hosts (clients...
User Guide
Page 81
...-cost type of service (TOS) bit. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Supported parameters can be grouped into these categories: • TCP • UDP Table 12 lists the possible filtering parameters for ACEs for type of the list. When creating ACEs in numbered extended access lists, remember that after you create the list, any additions...
...-cost type of service (TOS) bit. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Supported parameters can be grouped into these categories: • TCP • UDP Table 12 lists the possible filtering parameters for ACEs for type of the list. When creating ACEs in numbered extended access lists, remember that after you create the list, any additions...
User Guide
Page 108
... of Service (CoS) marking. To automatically configure Cisco IP phones to be used exclusively for 802.1p headers on the same VLAN, use the User Priority bits in all media streams to divide the existing IP address space into the switch, and the switch provides the phone with incremental IP telephony deployment, network managers can automatically configure voice VLAN. and 36-Port Ethernet Switch Module for the new Cisco...
... of Service (CoS) marking. To automatically configure Cisco IP phones to be used exclusively for 802.1p headers on the same VLAN, use the User Priority bits in all media streams to divide the existing IP address space into the switch, and the switch provides the phone with incremental IP telephony deployment, network managers can automatically configure voice VLAN. and 36-Port Ethernet Switch Module for the new Cisco...
User Guide
Page 116
...)ZJ Step 1 Use the show mac-address-table aging-time command to verify configuration: Router# show mac-address-table aging-time Removing Dynamic Addresses To remove a dynamic address entry, follow these steps beginning in establishing connectivity when a workstation is moved to 1000000. and 36-Port Ethernet Switch Module for an unknown destination, it can cause addresses to be removed from 10 to a new port. Valid entries are from dynamic MAC address table. Returns to...
...)ZJ Step 1 Use the show mac-address-table aging-time command to verify configuration: Router# show mac-address-table aging-time Removing Dynamic Addresses To remove a dynamic address entry, follow these steps beginning in establishing connectivity when a workstation is moved to 1000000. and 36-Port Ethernet Switch Module for an unknown destination, it can cause addresses to be removed from 10 to a new port. Valid entries are from dynamic MAC address table. Returns to...
User Guide
Page 120
... interface vlan global configuration command. show running-config interface [interface-id] copy running-config startup-config (Optional) Saves your entries in Layer 3 mode by software; To remove an IP address from a DHCP server, but the router can configure is not supported). however, the interrelationship between this command to route traffic. show ip interface [interface-id] show interfaces [interface-id] Verifies the configuration. Note If the physical port is connected. SVIs are deleting any Layer 3 characteristics configured on CPU utilization...
... interface vlan global configuration command. show running-config interface [interface-id] copy running-config startup-config (Optional) Saves your entries in Layer 3 mode by software; To remove an IP address from a DHCP server, but the router can configure is not supported). however, the interrelationship between this command to route traffic. show ip interface [interface-id] show interfaces [interface-id] Verifies the configuration. Note If the physical port is connected. SVIs are deleting any Layer 3 characteristics configured on CPU utilization...
User Guide
Page 156
...-Port Ethernet Switch Module Changing the Switch Priority Example The following example shows how to set the switch priority to disable spanning tree on an interface in bridge group 10: Switch(config)# interface gigabitethernet0/1 Switch(config-if)# bridge group 10 spanning-disabled 156 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for bridge group 10: Switch(config...
...-Port Ethernet Switch Module Changing the Switch Priority Example The following example shows how to set the switch priority to disable spanning tree on an interface in bridge group 10: Switch(config)# interface gigabitethernet0/1 Switch(config-if)# bridge group 10 spanning-disabled 156 Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Examples for bridge group 10: Switch(config...
User Guide
Page 159
... global configuration mode. Usage Guidelines The method argument identifies the list of all Remote Authentication Dial-In User Service (RADIUS) servers for authentication. • line-Uses the line password for authentication. • local-Uses the local username database for authentication. • local-case-Uses the case-sensitive local username database for authentication. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series...
... global configuration mode. Usage Guidelines The method argument identifies the list of all Remote Authentication Dial-In User Service (RADIUS) servers for authentication. • line-Uses the line password for authentication. • local-Uses the local username database for authentication. • local-case-Uses the case-sensitive local username database for authentication. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series...
User Guide
Page 233
...: Switch# show spanning-tree vlan 1 Spanning tree 1 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 00e0.1eb2.ddc0 Configured hello time 2, max age 20, forward delay 15 Current root has priority 32768, address 0010.0b3f.ac80 Root port is 5, cost of root path is 10 Topology change flag not set, detected flag not set, changes 1 Times: hold 1, topology change 35, notification 2 hello 2, max...
...: Switch# show spanning-tree vlan 1 Spanning tree 1 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 00e0.1eb2.ddc0 Configured hello time 2, max age 20, forward delay 15 Current root has priority 32768, address 0010.0b3f.ac80 Root port is 5, cost of root path is 10 Topology change flag not set, detected flag not set, changes 1 Times: hold 1, topology change 35, notification 2 hello 2, max...