Software Guide
Page 24
... private VLANs on the switch. Configuring the IP Permit List Describes how to configure port security on the switch. Configuring Port Security Describes how to configure IP permit list on the switch. Configuring SNMP Describes how to configure quality of service (QoS). Configuring QoS Describes how to configure the Simple Network Management Protocol (SNMP) on the switch. Configuring Multicast Services Describes how to configure the Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) on the switch. Configuring SPAN and RSPAN Describes how to configure Cisco...
... private VLANs on the switch. Configuring the IP Permit List Describes how to configure port security on the switch. Configuring Port Security Describes how to configure IP permit list on the switch. Configuring SNMP Describes how to configure quality of service (QoS). Configuring QoS Describes how to configure the Simple Network Management Protocol (SNMP) on the switch. Configuring Multicast Services Describes how to configure the Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) on the switch. Configuring SPAN and RSPAN Describes how to configure Cisco...
Software Guide
Page 36
...; Accessing the CLI Through the Console Port, page 2-2 • Accessing the CLI Through Telnet, page 2-3 Accessing the CLI Through the Console Port Note For complete information on , power up the switch. Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 2-2 78-15486-01 Enter set commands) to change switch parameters. If the switch is connected to the hardware documentation for example, using a terminal emulation program on a PC or using set and clear commands. Accessing the Switch CLI Chapter 2 Using the Command-Line Interface...
...; Accessing the CLI Through the Console Port, page 2-2 • Accessing the CLI Through Telnet, page 2-3 Accessing the CLI Through the Console Port Note For complete information on , power up the switch. Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 2-2 78-15486-01 Enter set commands) to change switch parameters. If the switch is connected to the hardware documentation for example, using a terminal emulation program on a PC or using set and clear commands. Accessing the Switch CLI Chapter 2 Using the Command-Line Interface...
Software Guide
Page 37
... Console Enter password: After you successfully connect to the switch using the IP address or the DNS host name of operation: • Normal (also called login or user mode) • Privileged (also called enable mode) Both modes are password protected. For more information about setting the IP address and default gateway, see Chapter 38, "Configuring DNS.") This example shows how to use DNS host names. Chapter 2 Using the Command-Line Interface Accessing the Switch CLI Accessing the CLI Through Telnet...
... Console Enter password: After you successfully connect to the switch using the IP address or the DNS host name of operation: • Normal (also called login or user mode) • Privileged (also called enable mode) Both modes are password protected. For more information about setting the IP address and default gateway, see Chapter 38, "Configuring DNS.") This example shows how to use DNS host names. Chapter 2 Using the Command-Line Interface Accessing the Switch CLI Accessing the CLI Through Telnet...
Software Guide
Page 38
... are connecting to the switch CLI through the console port or using the wrong number of valid keywords and arguments for IP Address Set DNS information Set IP fragmentation enable/disable Set IP HTTP server information Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 2-4 78-15486-01 On a new switch, the privileged-mode password is null. Insert a space between the last parameter and the question mark (?). You will see the "Accessing the Switch CLI...
... are connecting to the switch CLI through the console port or using the wrong number of valid keywords and arguments for IP Address Set DNS information Set IP fragmentation enable/disable Set IP HTTP server information Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 2-4 78-15486-01 On a new switch, the privileged-mode password is null. Insert a space between the last parameter and the question mark (?). You will see the "Accessing the Switch CLI...
Software Guide
Page 52
... connections between the switch and an IP host. Enable SLIP for the SLIP connection. Console> (enable) set interface sl0 slip_addr dest_addr show interface slip attach Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 3-8 78-15486-01 me1 sc0 sc0 me1 Configuring the SLIP (sl0) Interface on the switch. Set the console port SLIP address and the destination address of the attached host. Command telnet {host_name | ip_addr} enable set ip route default 10.1.1.1 Route added. When the SLIP connection is enabled...
... connections between the switch and an IP host. Enable SLIP for the SLIP connection. Console> (enable) set interface sl0 slip_addr dest_addr show interface slip attach Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 3-8 78-15486-01 me1 sc0 sc0 me1 Configuring the SLIP (sl0) Interface on the switch. Set the console port SLIP address and the destination address of the attached host. Command telnet {host_name | ip_addr} enable set ip route default 10.1.1.1 Route added. When the SLIP connection is enabled...
Software Guide
Page 54
...) management interface, perform one of these tasks in the DHCP, BOOTP, or RARP - The switch broadcasts DHCP and RARP requests only when the switch boots up. set interface sc0 dhcp release 3-10 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Renewing and Releasing a DHCP-Assigned IP Address Chapter 3 Configuring the Switch IP Address and Default Gateway Step 3 Step 4 Step 5 Step 6 Step 7 Task Command Add an entry for each switch in privileged mode...
...) management interface, perform one of these tasks in the DHCP, BOOTP, or RARP - The switch broadcasts DHCP and RARP requests only when the switch boots up. set interface sc0 dhcp release 3-10 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Renewing and Releasing a DHCP-Assigned IP Address Chapter 3 Configuring the Switch IP Address and Default Gateway Step 3 Step 4 Step 5 Step 6 Step 7 Task Command Add an entry for each switch in privileged mode...
Software Guide
Page 78
... (DRiP) run on the channel. • During fast switchover to the standby supervisor engine, all channeling ports are cleared on its channeling configuration and state, and the links are reset to the nonchanneling state. • Ports with different dot1q port types cannot form a channel. • Ports with different jumbo frame configurations cannot form a channel. • Ports with different VLAN costs or VLAN configurations cannot form a channel. Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 6-4 78-15486-01...
... (DRiP) run on the channel. • During fast switchover to the standby supervisor engine, all channeling ports are cleared on its channeling configuration and state, and the links are reset to the nonchanneling state. • Ports with different dot1q port types cannot form a channel. • Ports with different jumbo frame configurations cannot form a channel. • Ports with different VLAN costs or VLAN configurations cannot form a channel. Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 6-4 78-15486-01...
Software Guide
Page 260
... the IP address for ports 2/1. If you must configure VMPS on the switch to dynamic mode. Console> (enable) show port Port Name Status Vlan Level Duplex Speed 1/1 connect trunk normal full 100 1/2 connect trunk normal half 100 2/1 connect dyn normal full 155 3/1 connect dyn-5 normal half 10 Type 100 BASE-TX 100 BASE-TX OC3 MMF ATM 10 BASE-T 12-8 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Trunk mode set port membership mod_num/port_num...
... the IP address for ports 2/1. If you must configure VMPS on the switch to dynamic mode. Console> (enable) show port Port Name Status Vlan Level Duplex Speed 1/1 connect trunk normal full 100 1/2 connect trunk normal half 100 2/1 connect dyn normal full 155 3/1 connect dyn-5 normal half 10 Type 100 BASE-TX 100 BASE-TX OC3 MMF ATM 10 BASE-T 12-8 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Trunk mode set port membership mod_num/port_num...
Software Guide
Page 285
... Series, Catalyst 2948G, and Catalyst 2980G Switches Command Reference. Note For more information on the Cisco router and the switch. A CGMP/IGMP-capable IP multicast router sees all IGMP packets and can use CGMP, IGMP snooping, or GMRP to dynamically configure switch ports so that are associated with IP multicast hosts. Switches can inform the switch when specific hosts join or leave IP multicast groups. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 15-1 CGMP and IGMP software...
... Series, Catalyst 2948G, and Catalyst 2980G Switches Command Reference. Note For more information on the Cisco router and the switch. A CGMP/IGMP-capable IP multicast router sees all IGMP packets and can use CGMP, IGMP snooping, or GMRP to dynamically configure switch ports so that are associated with IP multicast hosts. Switches can inform the switch when specific hosts join or leave IP multicast groups. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 15-1 CGMP and IGMP software...
Software Guide
Page 300
... [vlan] Verify the multicast group configuration. Console> (enable) set cam static 01-22-33-44-55-66 2/6-12 Static multicast entry added to CAM table. Configuring Multicast Router Ports and Group Entries Chapter 15 Configuring Multicast Services Specifying Multicast Router Ports When you can manually specify multicast router ports. Configured Console> (enable) Configuring Multicast Groups To configure a multicast group manually, perform this task in privileged mode: Step 1 Step 2 Task Command Add one or more multicast MAC addresses to CAM table. Console> (enable) set...
... [vlan] Verify the multicast group configuration. Console> (enable) set cam static 01-22-33-44-55-66 2/6-12 Static multicast entry added to CAM table. Configuring Multicast Router Ports and Group Entries Chapter 15 Configuring Multicast Services Specifying Multicast Router Ports When you can manually specify multicast router ports. Configured Console> (enable) Configuring Multicast Groups To configure a multicast group manually, perform this task in privileged mode: Step 1 Step 2 Task Command Add one or more multicast MAC addresses to CAM table. Console> (enable) set...
Software Guide
Page 301
... Console> (enable) Disabling Multicast Group Entries To disable manually configured multicast group entries, perform this task in privileged mode: Task Disable a specific manually configured multicast router port. Console> (enable) Filtering IGMP Traffic Internet Group Management Protocol (IGMP) filtering allows an administrator to disable a manually configured multicast router port entry: Console> (enable) clear multicast router 2/12 Port 2/12 cleared from the CAM table: Console> (enable) clear cam 01-11-22-33-44-55 1 CAM entry cleared. Command clear cam mac_addr [vlan] This example...
... Console> (enable) Disabling Multicast Group Entries To disable manually configured multicast group entries, perform this task in privileged mode: Task Disable a specific manually configured multicast router port. Console> (enable) Filtering IGMP Traffic Internet Group Management Protocol (IGMP) filtering allows an administrator to disable a manually configured multicast router port entry: Console> (enable) clear multicast router 2/12 Port 2/12 cleared from the CAM table: Console> (enable) clear cam 01-11-22-33-44-55 1 CAM entry cleared. Command clear cam mac_addr [vlan] This example...
Software Guide
Page 378
...and SNMPv2c from the CLI, perform this task in privileged mode: Step 1 Step 2 Task Command Clear IP addresses that are associated with access clear snmp access-list access_number numbers. Console> (enable) Clearing IP Addresses Associated with Access Numbers To clear IP addresses that are associated with access-number 101 have been cleared. show snmp access-list These examples show how to display the SNMP configuration: Console> (enable) show snmp ifalias [ifIndex] 24-10 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78...
...and SNMPv2c from the CLI, perform this task in privileged mode: Step 1 Step 2 Task Command Clear IP addresses that are associated with access clear snmp access-list access_number numbers. Console> (enable) Clearing IP Addresses Associated with Access Numbers To clear IP addresses that are associated with access-number 101 have been cleared. show snmp access-list These examples show how to display the SNMP configuration: Console> (enable) show snmp ifalias [ifIndex] 24-10 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78...
Software Guide
Page 382
... a user to your NMS documentation (also see the "Using CiscoWorks2000" section on the SNMP commands that are supported by the Catalyst enterprise LAN switches, refer to a target. set snmp targetparams [-hex] {paramsname} user [-hex] {username} {security-model v3} {message-processing v3} {noauthentication | authentication | privacy} [volatile | nonvolatile] Configure a new user. Configure the RMON2 trap destination table from the NMS. Configuring SNMPv3 from a Network Management System (NMS), refer to a group using a specified security model. Configure the MIB views. set snmp...
... a user to your NMS documentation (also see the "Using CiscoWorks2000" section on the SNMP commands that are supported by the Catalyst enterprise LAN switches, refer to a target. set snmp targetparams [-hex] {paramsname} user [-hex] {username} {security-model v3} {message-processing v3} {noauthentication | authentication | privacy} [volatile | nonvolatile] Configure a new user. Configure the RMON2 trap destination table from the NMS. Configuring SNMPv3 from a Network Management System (NMS), refer to a group using a specified security model. Configure the MIB views. set snmp...
Software Guide
Page 423
... Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 28-3 Variable power supplies automatically adjust the power resources to accommodate the chassis and inline power requirements. • When your switch continues to 2, the switch ignores this setting. Note If you use the 1400 W DC power supply with different types or wattages, the switch uses only one power supply. If you set your switch to redundant mode and only one power supply is installed, your switch is set the power...
... Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 28-3 Variable power supplies automatically adjust the power resources to accommodate the chassis and inline power requirements. • When your switch continues to 2, the switch ignores this setting. Note If you use the 1400 W DC power supply with different types or wattages, the switch uses only one power supply. If you set your switch to redundant mode and only one power supply is installed, your switch is set the power...
Software Guide
Page 446
...preventing unauthorized users from that lockout time. When local authentication is enabled together with the set authentication login lockout command. (You would use local authentication for console connections and RADIUS authentication for console and Telnet connections. Understanding How Login Authentication Works Login authentication increases the security of the system by default, but can enable local authentication and one of the other authentication methods fail. 30-2 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release...
...preventing unauthorized users from that lockout time. When local authentication is enabled together with the set authentication login lockout command. (You would use local authentication for console connections and RADIUS authentication for console and Telnet connections. Understanding How Login Authentication Works Login authentication increases the security of the system by default, but can enable local authentication and one of the other authentication methods fail. 30-2 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release...
Software Guide
Page 453
... 30 Configuring Switch Access Using AAA Configuring Authentication Table 30-2 Default Authentication Configuration (continued) Feature Kerberos login authentication (console and Telnet) Kerberos enable authentication (console and Telnet) Kerberos server IP address Kerberos DES key Kerberos server auth-port Kerberos local-realm name Kerberos credentials forwarding Kerberos clients mandatory Kerberos preauthentication Default Disabled Disabled None specified None specified Port 750 NULL string Disabled Not mandatory Disabled Authentication Configuration Guidelines This section lists the...
... 30 Configuring Switch Access Using AAA Configuring Authentication Table 30-2 Default Authentication Configuration (continued) Feature Kerberos login authentication (console and Telnet) Kerberos enable authentication (console and Telnet) Kerberos server IP address Kerberos DES key Kerberos server auth-port Kerberos local-realm name Kerberos credentials forwarding Kerberos clients mandatory Kerberos preauthentication Default Disabled Disabled None specified None specified Port 750 NULL string Disabled Not mandatory Disabled Authentication Configuration Guidelines This section lists the...
Software Guide
Page 457
... access. You must reset the password after installing software release 5.4 or a later release to 30 characters, and use any printable ASCII characters, including a space. Enter your new password. To set enablepass Enter old password: Enter new password: Retype new password: Password changed . Chapter 30 Configuring Switch Access Using AAA Configuring Authentication Setting the Login Password The login password controls access to the privileged mode CLI. Console> (enable) 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide...
... access. You must reset the password after installing software release 5.4 or a later release to 30 characters, and use any printable ASCII characters, including a space. Enter your new password. To set enablepass Enter old password: Enter new password: Retype new password: Password changed . Chapter 30 Configuring Switch Access Using AAA Configuring Authentication Setting the Login Password The login password controls access to the privileged mode CLI. Console> (enable) 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide...
Software Guide
Page 459
... 6 Step 7 Step 8 Connect to the switch through a Telnet connection. The enable password is null for your new password. Enter and confirm your old password, press Return. picard 15 Console> (enable) 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 30-15 Configuring Local User Authentication The following sections describe how to create a local user account and password, set the privilege level, and verify the configuration: Console> (enable) set localuser user picard password captain privilege...
... 6 Step 7 Step 8 Connect to the switch through a Telnet connection. The enable password is null for your new password. Enter and confirm your old password, press Return. picard 15 Console> (enable) 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 30-15 Configuring Local User Authentication The following sections describe how to create a local user account and password, set the privilege level, and verify the configuration: Console> (enable) set localuser user picard password captain privilege...
Software Guide
Page 480
For example, Telnet prompts for a password. clear kerberos credentials forward 30-36 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 To configure clients to forward user credentials as they connect to other network services: Console> (enable) set kerberos clients mandatory Kerberos clients set to None Kerberos config key: Kerberos SRVTAB Entries Srvtab Entry 1:host/aspen-niners.cisco.edu@CISCO.EDU 0 933974942 1 1 8 00?91:107:423=:;9 Console> (enable) This example shows how to configure the switch so...
For example, Telnet prompts for a password. clear kerberos credentials forward 30-36 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 To configure clients to forward user credentials as they connect to other network services: Console> (enable) set kerberos clients mandatory Kerberos clients set to None Kerberos config key: Kerberos SRVTAB Entries Srvtab Entry 1:host/aspen-niners.cisco.edu@CISCO.EDU 0 933974942 1 1 8 00?91:107:423=:;9 Console> (enable) This example shows how to configure the switch so...
Software Guide
Page 527
... various supervisor engine and switch types, see the "Downloading Supervisor Engine Images Using TFTP" section on page 3. Console> (enable) reset system This command will reset the system. When the switch reboots, enter the show version 1 Mod Port Model Serial # Versions 1 0 WS-X4012 JAB03130104 Hw : 1.5 Gsp: 6.1(1.4) Nmp: 6.1(0.104) Console> (enable) copy tftp flash IP address or name of remote host []? 172.20.52.3 Name of file to the switch through Telnet, your Telnet session disconnects. y Console> (enable) 07/21/2000,13...
... various supervisor engine and switch types, see the "Downloading Supervisor Engine Images Using TFTP" section on page 3. Console> (enable) reset system This command will reset the system. When the switch reboots, enter the show version 1 Mod Port Model Serial # Versions 1 0 WS-X4012 JAB03130104 Hw : 1.5 Gsp: 6.1(1.4) Nmp: 6.1(0.104) Console> (enable) copy tftp flash IP address or name of remote host []? 172.20.52.3 Name of file to the switch through Telnet, your Telnet session disconnects. y Console> (enable) 07/21/2000,13...