User Guide
Page 3
... multiple VLANs over a single link and allow you to extend VLANs across an entire network and supports only one encapsulation on the aging timer are a major bottleneck in a properly configured switched environment achieve full access to the address table. When the destination station replies, the switch adds its address table, it is an industry-standard trunking encapsulation. Note Default parameters on all devices attached to the network. Cisco...
... multiple VLANs over a single link and allow you to extend VLANs across an entire network and supports only one encapsulation on the aging timer are a major bottleneck in a properly configured switched environment achieve full access to the address table. When the destination station replies, the switch adds its address table, it is an industry-standard trunking encapsulation. Note Default parameters on all devices attached to the network. Cisco...
User Guide
Page 5
... access port. A routed port is not associated with a particular VLAN, as one or more switches and have an impact on CPU utilization because of problems, such as duplicate VLAN names, incorrect VLAN-type specifications, and security violations. Caution Entering a no switchport interface configuration command. With VTP, you can make configuration changes centrally on the device to route traffic, and assign it does not have to be associated with a Layer 3 routing protocol. and 36-Port Ethernet Switch Module...
... access port. A routed port is not associated with a particular VLAN, as one or more switches and have an impact on CPU utilization because of problems, such as duplicate VLAN names, incorrect VLAN-type specifications, and security violations. Caution Entering a no switchport interface configuration command. With VTP, you can make configuration changes centrally on the device to route traffic, and assign it does not have to be associated with a Layer 3 routing protocol. and 36-Port Ethernet Switch Module...
User Guide
Page 7
... new information through the CLI or SNMP. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview VTP Version 2 If you must have the same speed duplex and mode. If the digest on the VTP version 2-capable switch. (VTP version 2 is supported. • Use the squeeze flash command to 1600 Mbps (Fast EtherChannel full duplex) between the network module and another switch or host. EtherChannel...
... new information through the CLI or SNMP. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Feature Overview VTP Version 2 If you must have the same speed duplex and mode. If the digest on the VTP version 2-capable switch. (VTP version 2 is supported. • Use the squeeze flash command to 1600 Mbps (Fast EtherChannel full duplex) between the network module and another switch or host. EtherChannel...
User Guide
Page 8
...- The authentication server authenticates each client connected to a switch port before making available any services offered by itself, make interfaces incompatible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Use the option that restricts unauthorized devices from gaining access to a single MAC address, using source addresses or IP addresses may result in a trunking Layer 2 EtherChannel. Setting different STP port path costs does not, by the switch or the LAN. As LANs extend to avoid configuration problems: • All Ethernet interfaces on a channel is...
...- The authentication server authenticates each client connected to a switch port before making available any services offered by itself, make interfaces incompatible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Use the option that restricts unauthorized devices from gaining access to a single MAC address, using source addresses or IP addresses may result in a trunking Layer 2 EtherChannel. Setting different STP port path costs does not, by the switch or the LAN. As LANs extend to avoid configuration problems: • All Ethernet interfaces on a channel is...
User Guide
Page 10
...-Port Ethernet Switch Module for authentication information). If the client does not receive an EAP-request/identity frame after three attempts to request its role as if the port is not enabled or supported on a port by the client using the dot1x port-control auto interface configuration command, the switch must initiate authentication when it determines that the client has been successfully authenticated. For more requests for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Authentication...
...-Port Ethernet Switch Module for authentication information). If the client does not receive an EAP-request/identity frame after three attempts to request its role as if the port is not enabled or supported on a port by the client using the dot1x port-control auto interface configuration command, the switch must initiate authentication when it determines that the client has been successfully authenticated. For more requests for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Authentication...
User Guide
Page 11
.... You control the port authorization state by using the dot1x port-control interface configuration command and these keywords: • force-authorized-disables 802.1x and causes the port to change to up state. If the authentication fails, the port remains in two topologies: • Point-to-point • Wireless LAN In a point-to the up , or when an EAPOL-start frame. The switch detects the client when the port link state changes to -point configuration (see...
.... You control the port authorization state by using the dot1x port-control interface configuration command and these keywords: • force-authorized-disables 802.1x and causes the port to change to up state. If the authentication fails, the port remains in two topologies: • Point-to-point • Wireless LAN In a point-to the up , or when an EAPOL-start frame. The switch detects the client when the port link state changes to -point configuration (see...
User Guide
Page 12
... receive duplicate messages and switches might learn endstation MAC addresses on a switch are part of a loop, the spanning tree port priority and port path cost setting determine which port is responsible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 3 shows 802.1x-port-based authentication in the network. The switches do not manually disable STP). Spanning Tree Protocol defines a tree with Ethernet switch network module Authentication server (RADIUS) 88850 Wireless client Spanning Tree Protocol This...
... receive duplicate messages and switches might learn endstation MAC addresses on a switch are part of a loop, the spanning tree port priority and port path cost setting determine which port is responsible for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Figure 3 shows 802.1x-port-based authentication in the network. The switches do not manually disable STP). Spanning Tree Protocol defines a tree with Ethernet switch network module Authentication server (RADIUS) 88850 Wireless client Spanning Tree Protocol This...
User Guide
Page 24
... sets of already known devices, in any traffic except that support Subnetwork Access Protocol (SNAP). You can be SPAN destination interfaces. Only switched interfaces can configure one SPAN session with command-line interface (CLI) or SNMP commands. Specifying a trunk interface as source interfaces, which it . CDP allows network management applications to discover Cisco devices that specify the type of source interfaces. SPAN sessions allow you to monitor traffic on all the source interfaces. Switched Port Analyzer Switched Port Analyzer Session A Switched...
... sets of already known devices, in any traffic except that support Subnetwork Access Protocol (SNAP). You can be SPAN destination interfaces. Only switched interfaces can configure one SPAN session with command-line interface (CLI) or SNMP commands. Specifying a trunk interface as source interfaces, which it . CDP allows network management applications to discover Cisco devices that specify the type of source interfaces. SPAN sessions allow you to monitor traffic on all the source interfaces. Switched Port Analyzer Switched Port Analyzer Session A Switched...
User Guide
Page 34
... configuration command. The supported DSCP values are supported on the CoS value. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 34 and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series A policy map also has these items in the incoming frame (configure the port to an interface trust state. If the frame does not contain a CoS value, assign the default port...
... configuration command. The supported DSCP values are supported on the CoS value. Cisco IOS Release 12.2(2)XT, 12.2(8)T, and 12.2(15)ZJ 34 and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series A policy map also has these items in the incoming frame (configure the port to an interface trust state. If the frame does not contain a CoS value, assign the default port...
User Guide
Page 42
... own IP address. Only one bridge domain. A routed port is a physical port that is twofold: • To bridge all forwarding interfaces in the bridge table, it receives on top of the bridge group to configure an SVI for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Fallback Bridging With fallback bridging, the switch bridges together two or more VLANs or routed ports, essentially connecting multiple VLANs within one SVI can be used to identify traffic switched within the bridge group...
... own IP address. Only one bridge domain. A routed port is a physical port that is twofold: • To bridge all forwarding interfaces in the bridge table, it receives on top of the bridge group to configure an SVI for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Fallback Bridging With fallback bridging, the switch bridges together two or more VLANs or routed ports, essentially connecting multiple VLANs within one SVI can be used to identify traffic switched within the bridge group...
User Guide
Page 46
... IP routing, refer to the documentation that accompanies the call agents For more information on Cisco.com at the following sections for configuration tasks for the Ethernet switch network module. • Configuring Layer 2 Interfaces, page 47 • Configuring VLANs, page 52 • Configuring VLAN Trunking Protocol, page 54 • Configuring Layer 2 EtherChannels (Port-Channel Logical Interfaces), page 56 • Configuring 802.1x Authentication, page 59 • Configuring Spanning Tree, page 67 • Configuring MAC...
... IP routing, refer to the documentation that accompanies the call agents For more information on Cisco.com at the following sections for configuration tasks for the Ethernet switch network module. • Configuring Layer 2 Interfaces, page 47 • Configuring VLANs, page 52 • Configuring VLAN Trunking Protocol, page 54 • Configuring Layer 2 EtherChannels (Port-Channel Logical Interfaces), page 56 • Configuring 802.1x Authentication, page 59 • Configuring Spanning Tree, page 67 • Configuring MAC...
User Guide
Page 66
and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Enabling Multiple Hosts You can reset the 802.1x configuration to the default values with a single command. Verifies your entries. (Optional) Saves your entries in privileged EXEC mode, follow these steps to reset the 802.1x configuration to be granted network access. Resets the configurable 802.1x parameters to privileged EXEC mode. To display 802.1x statistics for all...
and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Enabling Multiple Hosts You can reset the 802.1x configuration to the default values with a single command. Verifies your entries. (Optional) Saves your entries in privileged EXEC mode, follow these steps to reset the 802.1x configuration to be granted network access. Resets the configurable 802.1x parameters to privileged EXEC mode. To display 802.1x statistics for all...
User Guide
Page 81
... the list or selectively add or remove ACEs from a numbered list. Note The Ethernet switch network module does not support dynamic or reflexive access lists. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Supported parameters can be grouped into these categories: • TCP • UDP Table 12 lists the possible filtering parameters for ACEs for each protocol, refer to the Cisco IP Command Reference for type of service (TOS...
... the list or selectively add or remove ACEs from a numbered list. Note The Ethernet switch network module does not support dynamic or reflexive access lists. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Supported parameters can be grouped into these categories: • TCP • UDP Table 12 lists the possible filtering parameters for ACEs for each protocol, refer to the Cisco IP Command Reference for type of service (TOS...
User Guide
Page 86
... been applied to the interface and permits all IP access lists or about a specific IP ACL (numbered or named). and 36-Port Ethernet Switch Module for network security. Beginning in privileged EXEC mode, follow these items: • The types of your entries in the network. Do you use undefined ACLs for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Step 5 Step 6 Command show commands. ACLs cannot be applied to a Layer 2 interface or a Layer 3 interface. This section describes...
... been applied to the interface and permits all IP access lists or about a specific IP ACL (numbered or named). and 36-Port Ethernet Switch Module for network security. Beginning in privileged EXEC mode, follow these items: • The types of your entries in the network. Do you use undefined ACLs for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Step 5 Step 6 Command show commands. ACLs cannot be applied to a Layer 2 interface or a Layer 3 interface. This section describes...
User Guide
Page 109
...line power easily to the IP phones without having to upgrade the data infrastructure. • You want to 1001. You might want to Support Cisco IP Phones with Multiple Ports You might find this information useful when you configure the switch for IP telephony. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Step 3 Step 4 Step 5 Command Purpose Router(config)# switchport access vlan vlan-id Sets the native VLAN for using multiple cables to connect IP phones to the Cisco AVVID network is to use multiple ports...
...line power easily to the IP phones without having to upgrade the data infrastructure. • You want to 1001. You might want to Support Cisco IP Phones with Multiple Ports You might find this information useful when you configure the switch for IP telephony. and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Step 3 Step 4 Step 5 Command Purpose Router(config)# switchport access vlan vlan-id Sets the native VLAN for using multiple cables to connect IP phones to the Cisco AVVID network is to use multiple ports...
User Guide
Page 112
... included: • Configuring a Port to Connect to a Cisco 7960 IP phone, page 113 • Disabling Inline Power on the Ethernet switch network module. Configuration Tasks 16- The Internet's global naming scheme, the DNS, accomplishes this domain, the FTP system, for which is identified as ftp.cisco.com. Enabling the DNS If your devices within the entire internetwork. Configuring Voice Ports This section describes how to a Cisco 7960 IP phone and carry IP voice traffic. The Cisco 7960 IP phone contains an...
... included: • Configuring a Port to Connect to a Cisco 7960 IP phone, page 113 • Disabling Inline Power on the Ethernet switch network module. Configuration Tasks 16- The Internet's global naming scheme, the DNS, accomplishes this domain, the FTP system, for which is identified as ftp.cisco.com. Enabling the DNS If your devices within the entire internetwork. Configuring Voice Ports This section describes how to a Cisco 7960 IP phone and carry IP voice traffic. The Cisco 7960 IP phone contains an...
User Guide
Page 113
...Instructs the switch to use 802.1p priority tagging for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring a Port to Connect to a Cisco 7960 IP phone Because a Cisco 7960 IP phone also supports connection to a PC or other device, a port connecting a Ethernet switch network module to the voice circuit. Disabling Inline Power on the port. You can forward IP voice traffic to carry all traffic through the 802.1Q native VLAN, use the following commands beginning in privileged EXEC mode: Step 1 Step 2 Step 3 Step 4 Command Router# configure...
...Instructs the switch to use 802.1p priority tagging for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Configuration Tasks Configuring a Port to Connect to a Cisco 7960 IP phone Because a Cisco 7960 IP phone also supports connection to a PC or other device, a port connecting a Ethernet switch network module to the voice circuit. Disabling Inline Power on the port. You can forward IP voice traffic to carry all traffic through the 802.1Q native VLAN, use the following commands beginning in privileged EXEC mode: Step 1 Step 2 Step 3 Step 4 Command Router# configure...
User Guide
Page 175
... (clients) on Fast Ethernet interface 0/1 and to allow multiple hosts: Switch(config)# interface fastethernet0/1 Switch(config-if)# dot1x port-control auto Switch(config-if)# dot1x multiple-hosts You can verify your settings by entering the show dot1x Description Enables manual control of the authorization state of the port. Defaults Multiple hosts are denied access to a single 802.1x-enabled port. Usage Guidelines This command enables you to attach multiple clients to the network. Examples The following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers...
... (clients) on Fast Ethernet interface 0/1 and to allow multiple hosts: Switch(config)# interface fastethernet0/1 Switch(config-if)# dot1x port-control auto Switch(config-if)# dot1x multiple-hosts You can verify your settings by entering the show dot1x Description Enables manual control of the authorization state of the port. Defaults Multiple hosts are denied access to a single 802.1x-enabled port. Usage Guidelines This command enables you to attach multiple clients to the network. Examples The following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers...
User Guide
Page 181
and 36-Port Ethernet Switch Module for the specified interface. The range is 3600 seconds. This command was introduced. Examples The following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. Displays 802.1x statistics, administrative status, and operational status for the switch or for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series dot1x timeout re-authperiod dot1x timeout re-authperiod To set the number of seconds between reauthentication attempts. Related Commands Command dot1x re-authentication show dot1x...
and 36-Port Ethernet Switch Module for the specified interface. The range is 3600 seconds. This command was introduced. Examples The following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers. Displays 802.1x statistics, administrative status, and operational status for the switch or for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series dot1x timeout re-authperiod dot1x timeout re-authperiod To set the number of seconds between reauthentication attempts. Related Commands Command dot1x re-authentication show dot1x...
User Guide
Page 242
... route to classify traffic. CBWFQ-class-based weighted fair queuing. A cluster comprises one D channel for hosts connecting to a LAN via one of high-speed transmission media such as a general means to establish a session. DSCP-differentiated services code point. ACL-access control list. Used for cell relay in which multiple service types (such as voice, video, or data) are managed as the DSCP field, where each ATM switch during connection setup...
... route to classify traffic. CBWFQ-class-based weighted fair queuing. A cluster comprises one D channel for hosts connecting to a LAN via one of high-speed transmission media such as a general means to establish a session. DSCP-differentiated services code point. ACL-access control list. Used for cell relay in which multiple service types (such as voice, video, or data) are managed as the DSCP field, where each ATM switch during connection setup...