Software Guide
Page 43
... switch, executing the configuration change, and logging the results. For more information about the CLI, see Chapter 2, "Using the Command-Line Interface." • Cisco Configuration Engine-The Cisco Configuration Engine is running platforms such as HP OpenView or SunNet Manager. For more information about using SNMP, see Chapter 4, "Configuring Cisco IOS CNS Agents." • SNMP-SNMP management applications such as IP address, default gateway, hostname, and Domain Name System [DNS] and TFTP server names) • DHCP relay for forwarding User Datagram Protocol...
... switch, executing the configuration change, and logging the results. For more information about the CLI, see Chapter 2, "Using the Command-Line Interface." • Cisco Configuration Engine-The Cisco Configuration Engine is running platforms such as HP OpenView or SunNet Manager. For more information about using SNMP, see Chapter 4, "Configuring Cisco IOS CNS Agents." • SNMP-SNMP management applications such as IP address, default gateway, hostname, and Domain Name System [DNS] and TFTP server names) • DHCP relay for forwarding User Datagram Protocol...
Software Guide
Page 75
... DHCP Client Configuration No configuration file is set to global configuration mode. 78-17058-01 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 3-9 TFTP Server Configuration (on UNIX) The TFTP server base directory is present on its hostname (switcha). • It reads the configuration file that corresponds to a switch virtual interface (SVI). The base directory also contains a configuration file for example, it reads switch1-confg from the base directory of the TFTP server. • It adds the contents of the network...
... DHCP Client Configuration No configuration file is set to global configuration mode. 78-17058-01 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 3-9 TFTP Server Configuration (on UNIX) The TFTP server base directory is present on its hostname (switcha). • It reads the configuration file that corresponds to a switch virtual interface (SVI). The base directory also contains a configuration file for example, it reads switch1-confg from the base directory of the TFTP server. • It adds the contents of the network...
Software Guide
Page 76
.... version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname 3400-3 ! Verify the configured IP address. Checking and Saving the Running Configuration You can check the configuration settings you entered or changes you are removing the address through a Telnet session, your entries in the configuration file. spanning-tree mode rapid-pvst spanning-tree extend system-id ! vlan internal allocation policy ascending 3-10 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide...
.... version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname 3400-3 ! Verify the configured IP address. Checking and Saving the Running Configuration You can check the configuration settings you entered or changes you are removing the address through a Telnet session, your entries in the configuration file. spanning-tree mode rapid-pvst spanning-tree extend system-id ! vlan internal allocation policy ascending 3-10 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide...
Software Guide
Page 119
...end show mac address-table dynamic privileged EXEC command. For vlan-id, valid IDs are not generated for dynamic and secure MAC addresses; Whenever the switch learns or removes a MAC address, an SNMP notification can also remove a specific MAC address (clear mac address-table dynamic address mac-address), remove all addresses on the specified physical port or port channel (clear mac address-table dynamic interface interface-id), or remove all dynamic entries, use the show mac address-table aging-time copy running-config startup-config Purpose Enter global configuration mode. Do...
...end show mac address-table dynamic privileged EXEC command. For vlan-id, valid IDs are not generated for dynamic and secure MAC addresses; Whenever the switch learns or removes a MAC address, an SNMP notification can also remove a specific MAC address (clear mac address-table dynamic address mac-address), remove all addresses on the specified physical port or port channel (clear mac address-table dynamic interface interface-id), or remove all dynamic entries, use the show mac address-table aging-time copy running-config startup-config Purpose Enter global configuration mode. Do...
Software Guide
Page 121
... all ports are associated with a static address that arrives on a specific interface, use the no mac address-table notification global configuration command. For more information about private VLANs, see Chapter 12, "Configuring Private VLANs." 5-24 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 To disable the MAC address notification feature, use the no snmp-server enable traps mac-notification global configuration command. You can be manually removed. • It can specify a different list of destination ports for them. This example shows...
... all ports are associated with a static address that arrives on a specific interface, use the no mac address-table notification global configuration command. For more information about private VLANs, see Chapter 12, "Configuring Private VLANs." 5-24 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 To disable the MAC address notification feature, use the no snmp-server enable traps mac-notification global configuration command. You can be manually removed. • It can specify a different list of destination ports for them. This example shows...
Software Guide
Page 136
... To disable password checking and allow connections without a password, use the no login line configuration command. 78-17058-01 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 7-7 Level 1 gives user EXEC mode access. • For encryption-type, enter 0 to specify that requests a login username and a password: Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Command configure terminal username name [privilege level] {password encryption-type password} line console 0 or line vty 0 15 login local end show running-config copy running-config startup-config Purpose...
... To disable password checking and allow connections without a password, use the no login line configuration command. 78-17058-01 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 7-7 Level 1 gives user EXEC mode access. • For encryption-type, enter 0 to specify that requests a login username and a password: Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Command configure terminal username name [privilege level] {password encryption-type password} line console 0 or line vty 0 15 login local end show running-config copy running-config startup-config Purpose...
Software Guide
Page 137
... group of users to have access to the clear line command, you can allow different sets of users. Level 15 is case sensitive, and allows spaces but ignores leading spaces. Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 7-8 78-17058-01 By default, no password is for normal user EXEC mode privileges. The first command shows the password and access level configuration. Protecting Access to Privileged EXEC Commands Chapter 7 Configuring Switch-Based Authentication Configuring Multiple Privilege Levels By default...
... group of users to have access to the clear line command, you can allow different sets of users. Level 15 is case sensitive, and allows spaces but ignores leading spaces. Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 7-8 78-17058-01 By default, no password is for normal user EXEC mode privileges. The first command shows the password and access level configuration. Protecting Access to Privileged EXEC Commands Chapter 7 Configuring Switch-Based Authentication Configuring Multiple Privilege Levels By default...
Software Guide
Page 138
This example shows how to set the configure command to privilege level 14 and define SecretPswd14 as the password users must enter to use the no privilege level line configuration command. 78-17058-01 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 7-9 Return to restrict access. Verify your console line to restrict line usage. If users know the password to a higher privilege level, they can use the no privilege mode level level command global configuration command. You might...
This example shows how to set the configure command to privilege level 14 and define SecretPswd14 as the password users must enter to use the no privilege level line configuration command. 78-17058-01 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 7-9 Return to restrict access. Verify your console line to restrict line usage. If users know the password to a higher privilege level, they can use the no privilege mode level level command global configuration command. You might...
Software Guide
Page 195
... switch is a Layer 3 interface only and does not support Layer 2 protocols, such as is removed, and the original VLAN numbers from other port but the associated trunk port. A routed port is not associated with a VLAN tag. Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 9-4 78-17058-01 Dynamic access ports on UNIs. Tunnel ports are assigned to the outgoing port default PVID is sent with a particular VLAN, as STP. Routed ports can limit VLAN membership by default a trunk port is assigned a default Port VLAN...
... switch is a Layer 3 interface only and does not support Layer 2 protocols, such as is removed, and the original VLAN numbers from other port but the associated trunk port. A routed port is not associated with a VLAN tag. Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 9-4 78-17058-01 Dynamic access ports on UNIs. Tunnel ports are assigned to the outgoing port default PVID is sent with a particular VLAN, as STP. Routed ports can limit VLAN membership by default a trunk port is assigned a default Port VLAN...
Software Guide
Page 208
... flow control settings on the device: • receive on Switch(config-if)# end 78-17058-01 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 9-17 Configure the IEEE 802.3x flow control mode for this release. Verify the interface IEEE 802.3x flow control settings. (Optional) Save your entries in the command reference for the port. These rules apply to the link partner, and no indication is off , or desired. Enable the port...
... flow control settings on the device: • receive on Switch(config-if)# end 78-17058-01 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 9-17 Configure the IEEE 802.3x flow control mode for this release. Verify the interface IEEE 802.3x flow control settings. (Optional) Save your entries in the command reference for the port. These rules apply to the link partner, and no indication is off , or desired. Enable the port...
Software Guide
Page 209
... through cables to connect to devices such as servers, workstations, or routers and crossover cables to connect to autonegotiate speed with the connected device. To disable auto-MDIX, use either type of the auto-MDIX feature on the interface. With auto-MDIX enabled, you must use straight-through or crossover) and configures the connection appropriately. no mdix auto interface configuration command. 9-18 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 By default, UNIs are disabled, and NNIs are enabled. Configuring Ethernet Interfaces Chapter...
... through cables to connect to devices such as servers, workstations, or routers and crossover cables to connect to autonegotiate speed with the connected device. To disable auto-MDIX, use either type of the auto-MDIX feature on the interface. With auto-MDIX enabled, you must use straight-through or crossover) and configures the connection appropriately. no mdix auto interface configuration command. 9-18 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 By default, UNIs are disabled, and NNIs are enabled. Configuring Ethernet Interfaces Chapter...
Software Guide
Page 212
... EXEC command. 78-17058-01 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 9-21 This example shows how to configure a port as traffic sent to privileged EXEC mode. Switch(config)# interface gigabitethernet0/2 Switch(config-if)# no ip address interface configuration command. Fast Ethernet ports are not affected by the switch CPU is 1500 bytes. Gigabit Ethernet ports are subjected to 1546 bytes. That is, the routed MTU is limited to MTU checks on the switch. Chapter 9 Configuring Interface Characteristics Configuring the System MTU Command Step...
... EXEC command. 78-17058-01 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 9-21 This example shows how to configure a port as traffic sent to privileged EXEC mode. Switch(config)# interface gigabitethernet0/2 Switch(config-if)# no ip address interface configuration command. Fast Ethernet ports are not affected by the switch CPU is 1500 bytes. Gigabit Ethernet ports are subjected to 1546 bytes. That is, the routed MTU is limited to MTU checks on the switch. Chapter 9 Configuring Interface Characteristics Configuring the System MTU Command Step...
Software Guide
Page 239
... the command reference for example, Cisco Discovery Protocol (CDP), Port Aggregation Protocol (PAgP), and Link Aggregation Control Protocol (LACP) in privileged EXEC mode, follow these steps to the access VLAN. copy running-config startup-config (Optional) Save your entries in the Trunking VLANs Enabled field of VLANs allowed on a port: Switch(config)# interface fastethernet0/1 Switch(config-if)# switchport trunk allowed vlan remove 2 Switch(config-if)# end 11-18 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 If a trunk port with VLAN 1 disabled...
... the command reference for example, Cisco Discovery Protocol (CDP), Port Aggregation Protocol (PAgP), and Link Aggregation Control Protocol (LACP) in privileged EXEC mode, follow these steps to the access VLAN. copy running-config startup-config (Optional) Save your entries in the Trunking VLANs Enabled field of VLANs allowed on a port: Switch(config)# interface fastethernet0/1 Switch(config-if)# switchport trunk allowed vlan remove 2 Switch(config-if)# end 11-18 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 If a trunk port with VLAN 1 disabled...
Software Guide
Page 240
.... Enable the port, if necessary. Configuring Trunk Ports for the port. You configure load sharing on an IEEE 802.1Q trunk: Step 1 Step 2 Command configure terminal interface interface-id Step 3 no switchport trunk native vlan interface configuration command. For load sharing using STP port priorities, both tagged and untagged traffic. By default, the switch forwards untagged traffic in the native VLAN configured for Load Sharing Load sharing divides the bandwidth supplied by parallel trunks that is VLAN 1 by using STP path costs, each load-sharing link can...
.... Enable the port, if necessary. Configuring Trunk Ports for the port. You configure load sharing on an IEEE 802.1Q trunk: Step 1 Step 2 Command configure terminal interface interface-id Step 3 no switchport trunk native vlan interface configuration command. For load sharing using STP port priorities, both tagged and untagged traffic. By default, the switch forwards untagged traffic in the native VLAN configured for Load Sharing Load sharing divides the bandwidth supplied by parallel trunks that is VLAN 1 by using STP path costs, each load-sharing link can...
Software Guide
Page 325
.... Valid interfaces include physical NNIs and NNI port-channel logical interfaces. The port-channel range is 1 to its default setting, use the show spanning-tree mst instance-id copy running -config privileged EXEC command to NNIs that you want selected first and higher cost values that are in a link-up operative state. Note If a physical interface is not an NNI, enter the port-type nni interface configuration command before...
.... Valid interfaces include physical NNIs and NNI port-channel logical interfaces. The port-channel range is 1 to its default setting, use the show spanning-tree mst instance-id copy running -config privileged EXEC command to NNIs that you want selected first and higher cost values that are in a link-up operative state. Note If a physical interface is not an NNI, enter the port-type nni interface configuration command before...
Software Guide
Page 419
... port-security mac-address mac-address interface configuration command. To disable sticky learning on a port: Switch(config)# interface gigabitethernet0/2 Switch(config-if)# switchport mode trunk Switch(config-if)# switchport port-security Switch(config-if)# switchport port-security mac-address 0000.02000.0004 vlan 3 21-14 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 The interface converts the sticky secure MAC addresses to configure a static secure MAC address on VLAN 3 on an interface, use the no switchport port-security mac-address sticky interface...
... port-security mac-address mac-address interface configuration command. To disable sticky learning on a port: Switch(config)# interface gigabitethernet0/2 Switch(config-if)# switchport mode trunk Switch(config-if)# switchport port-security Switch(config-if)# switchport port-security mac-address 0000.02000.0004 vlan 3 21-14 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 The interface converts the sticky secure MAC addresses to configure a static secure MAC address on VLAN 3 on an interface, use the no switchport port-security mac-address sticky interface...
Software Guide
Page 553
.... After you create a table map, you use a table map in an input policy map, the protocol type of the from -type action in a policy map for traffic belonging to a QoS group within the switch. Understanding QoS Chapter 30 Configuring QoS Marking This example shows how to use the priority with police commands to configure out-class1 as an input policy map. The class class-default queue gets the remaining port bandwidth. The...
.... After you create a table map, you use a table map in an input policy map, the protocol type of the from -type action in a policy map for traffic belonging to a QoS group within the switch. Understanding QoS Chapter 30 Configuring QoS Marking This example shows how to use the priority with police commands to configure out-class1 as an input policy map. The class class-default queue gets the remaining port bandwidth. The...
Software Guide
Page 753
... EXEC commands in the configuration file. This example shows how to set up a boundary for Clearing Caches, Tables, and Databases Command clear ip igmp group [group-name | group-address | interface] clear ip mroute {* | group [source]} clear ip pim auto-rp rp-address clear ip sdr [group-address | "session-name"] Purpose Delete entries from the IP multicast routing table. Delete entries from the IGMP cache. Note This release does not support per-route statistics. 34-34 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide...
... EXEC commands in the configuration file. This example shows how to set up a boundary for Clearing Caches, Tables, and Databases Command clear ip igmp group [group-name | group-address | interface] clear ip mroute {* | group [source]} clear ip pim auto-rp rp-address clear ip sdr [group-address | "session-name"] Purpose Delete entries from the IP multicast routing table. Delete entries from the IGMP cache. Note This release does not support per-route statistics. 34-34 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide...
Software Guide
Page 779
... initialize the flash filesystem, and finish loading the operating system software: flash_init load_helper boot proceed to the "Procedure with Password Recovery Disabled, page 36-7 You enable or disable password recovery by using the service password-recovery global configuration command. Set the line speed on page 36-5, and follow the steps. 36-4 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 On a SUN work station running Windows XP or 2000, Ctrl-Break is the break key. On a PC...
... initialize the flash filesystem, and finish loading the operating system software: flash_init load_helper boot proceed to the "Procedure with Password Recovery Disabled, page 36-7 You enable or disable password recovery by using the service password-recovery global configuration command. Set the line speed on page 36-5, and follow the steps. 36-4 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide 78-17058-01 On a SUN work station running Windows XP or 2000, Ctrl-Break is the break key. On a PC...
Software Guide
Page 869
... port-control command 8-4 authorized and unauthorized 8-4 port security described 8-7 interactions 8-7 multiple-hosts mode 8-6 resetting to default values 8-17 statistics, displaying 8-19 switch as proxy 8-3 RADIUS client 8-3 VLAN assignment AAA authorization 8-11 characteristics 8-8 configuration tasks 8-8 described 8-8 port blocking 1-2, 21-7 port-channel See EtherChannel Port Fast described 16-2 enabling 16-5 support for 1-4 port membership modes, VLAN 11-4 port priority MSTP 15-17 STP 14-16 ports access 9-3 blocking 21-7 dynamic access 11-5 IEEE 802.1Q tunnel 11-5 protected 21-5 routed...
... port-control command 8-4 authorized and unauthorized 8-4 port security described 8-7 interactions 8-7 multiple-hosts mode 8-6 resetting to default values 8-17 statistics, displaying 8-19 switch as proxy 8-3 RADIUS client 8-3 VLAN assignment AAA authorization 8-11 characteristics 8-8 configuration tasks 8-8 described 8-8 port blocking 1-2, 21-7 port-channel See EtherChannel Port Fast described 16-2 enabling 16-5 support for 1-4 port membership modes, VLAN 11-4 port priority MSTP 15-17 STP 14-16 ports access 9-3 blocking 21-7 dynamic access 11-5 IEEE 802.1Q tunnel 11-5 protected 21-5 routed...