Software Configuration Guide
Page 41
... subscriber VLANs for bandwidth and security reasons • IGMP filtering for controlling the set of multicast groups to which hosts on 10/100/1000 BASE-T/TX SFP interfaces that enables the interface to automatically detect the required cable connection type (straight-through or crossover) and to 16 switches that are not directly connected to the release notes for - Refer to the command switch. Unified configuration, monitoring, authentication, and software upgrade of multiple, cluster-capable switches...
... subscriber VLANs for bandwidth and security reasons • IGMP filtering for controlling the set of multicast groups to which hosts on 10/100/1000 BASE-T/TX SFP interfaces that enables the interface to automatically detect the required cable connection type (straight-through or crossover) and to 16 switches that are not directly connected to the release notes for - Refer to the command switch. Unified configuration, monitoring, authentication, and software upgrade of multiple, cluster-capable switches...
Software Configuration Guide
Page 42
... the network • In-band management access for up to 16 simultaneous Telnet connections for multiple CLI-based sessions over the network (requires the cryptographic [that is, supports encryption) versions of the SMI and EMI. • Dynamic Host Configuration Protocol (DHCP) for automating configuration of switch information (such as IP address, default gateway, host name, and Domain Name System [DNS] and Trivial File Transfer Protocol (TFTP) server names) • DHCP relay for forwarding User Datagram Protocol (UDP...
... the network • In-band management access for up to 16 simultaneous Telnet connections for multiple CLI-based sessions over the network (requires the cryptographic [that is, supports encryption) versions of the SMI and EMI. • Dynamic Host Configuration Protocol (DHCP) for automating configuration of switch information (such as IP address, default gateway, host name, and Domain Name System [DNS] and Trivial File Transfer Protocol (TFTP) server names) • DHCP relay for forwarding User Datagram Protocol (UDP...
Software Configuration Guide
Page 43
... or to a remote terminal through the Cisco RPS 300 and Cisco RPS 675 for enhancing power reliability VLAN Features • Support for up to 1005 VLANs for assigning users to VLANs associated with appropriate network resources, traffic patterns, and bandwidth • Support for VLAN IDs in PVST+, rapid-PVST+, and MSTP mode: - BPDU filtering for dynamic VLAN membership 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 1-5 Up to the forwarding state •...
... or to a remote terminal through the Cisco RPS 300 and Cisco RPS 675 for enhancing power reliability VLAN Features • Support for up to 1005 VLANs for assigning users to VLANs associated with appropriate network resources, traffic patterns, and bandwidth • Support for VLAN IDs in PVST+, rapid-PVST+, and MSTP mode: - BPDU filtering for dynamic VLAN membership 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 1-5 Up to the forwarding state •...
Software Configuration Guide
Page 44
... feature enabled, no user traffic is , supports encryption) versions of the SMI and EMI. • Password-protected access (read-only and read-write access) to management interfaces (CMS and CLI) for protection against unauthorized configuration changes • Multilevel security for a choice of security level, notification, and resulting actions • Static MAC addressing for ensuring security • Protected port option for restricting the forwarding of traffic to designated ports on the same switch • Port security option...
... feature enabled, no user traffic is , supports encryption) versions of the SMI and EMI. • Password-protected access (read-only and read-write access) to management interfaces (CMS and CLI) for protection against unauthorized configuration changes • Multilevel security for a choice of security level, notification, and resulting actions • Static MAC addressing for ensuring security • Protected port option for restricting the forwarding of traffic to designated ports on the same switch • Port security option...
Software Configuration Guide
Page 51
... power. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 1-13 Refer to the documentation sets specific to logically segment the network into well-defined broadcast groups and for security management. The switches are using existing infrastructure to transport data and voice from accessing critical pieces of power per port. • Use voice VLAN IDs (VVIDs) to provide separate VLANs for voice traffic. The server farm includes a call processing, routing, and IP phone features and configuration. Voice traffic from the Cisco IP Phones are configured...
... power. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 1-13 Refer to the documentation sets specific to logically segment the network into well-defined broadcast groups and for security management. The switches are using existing infrastructure to transport data and voice from accessing critical pieces of power per port. • Use voice VLAN IDs (VVIDs) to provide separate VLANs for voice traffic. The server farm includes a call processing, routing, and IP phone features and configuration. Voice traffic from the Cisco IP Phones are configured...
Software Configuration Guide
Page 83
... replaces the BOOTP client functionality on your switch. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 4-3 Table 4-1 Default Switch Information Feature IP address and subnet mask Default gateway Enable secret password Host name Telnet password Cluster command switch functionality Cluster name Default Setting No IP address or subnet mask are using DHCP to configure the DHCP server or the DHCP server feature on a client-server model, in the received packet. The switch can be on the same LAN or on the network, you need to Internet...
... replaces the BOOTP client functionality on your switch. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 4-3 Table 4-1 Default Switch Information Feature IP address and subnet mask Default gateway Enable secret password Host name Telnet password Cluster command switch functionality Cluster name Default Setting No IP address or subnet mask are using DHCP to configure the DHCP server or the DHCP server feature on a client-server model, in the received packet. The switch can be on the same LAN or on the network, you need to Internet...
Software Configuration Guide
Page 90
... service password-encryption ! Checking and Saving the Running Configuration You can check the configuration settings you entered or changes you are removing the address through a Telnet session, your connection to the switch will be lost. hostname Switch A ! interface gigabitethernet0/2 mvr type source ...! The default gateway receives IP packets with IP, it does not need to have a default gateway set. For information on setting the switch system name, protecting access to privileged EXEC mode. interface VLAN1 4-10 Catalyst...
... service password-encryption ! Checking and Saving the Running Configuration You can check the configuration settings you entered or changes you are removing the address through a Telnet session, your connection to the switch will be lost. hostname Switch A ! interface gigabitethernet0/2 mvr type source ...! The default gateway receives IP packets with IP, it does not need to have a default gateway set. For information on setting the switch system name, protecting access to privileged EXEC mode. interface VLAN1 4-10 Catalyst...
Software Configuration Guide
Page 145
...physical port or port channel (clear mac address-table dynamic interface interface-id), or remove all dynamic entries, use the show mac address-table aging-time copy running-config startup-config Purpose Enter global configuration mode. Return to the default value, use the no mac address-table aging-time global configuration command. To return to privileged EXEC mode. Static address entries are generated for self addresses, multicast addresses, or other static addresses. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 6-23 The range is 300. Set the length of time...
...physical port or port channel (clear mac address-table dynamic interface interface-id), or remove all dynamic entries, use the show mac address-table aging-time copy running-config startup-config Purpose Enter global configuration mode. Return to the default value, use the no mac address-table aging-time global configuration command. To return to privileged EXEC mode. Static address entries are generated for self addresses, multicast addresses, or other static addresses. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 6-23 The range is 300. Set the length of time...
Software Configuration Guide
Page 162
... level command enable password level level password end show running-config or show privilege copy running-config startup-config Purpose Enter global configuration mode. Return to Privileged EXEC Commands Chapter 8 Configuring Switch-Based Authentication Configuring Multiple Privilege Levels By default, the Cisco IOS software has two modes of commands for a Command Beginning in the configuration file. The first command shows the password and access level configuration. Protecting Access to privileged EXEC mode. This section includes this configuration information: • Setting...
... level command enable password level level password end show running-config or show privilege copy running-config startup-config Purpose Enter global configuration mode. Return to Privileged EXEC Commands Chapter 8 Configuring Switch-Based Authentication Configuring Multiple Privilege Levels By default, the Cisco IOS software has two modes of commands for a Command Beginning in the configuration file. The first command shows the password and access level configuration. Protecting Access to privileged EXEC mode. This section includes this configuration information: • Setting...
Software Configuration Guide
Page 204
... enable per-user access control lists (ACLs) to provide different levels of Cisco IOS access lists on access ports. The switch does not save RADIUS-specified ACLs in octet-string format and are filtered by default. MAC ACLs are inacl# for the ingress direction and outacl# for per -user configuration stored on the RADIUS server. For more information, see Chapter 27, "Configuring Network Security with Per-User ACLs You can configure any active VLAN...
... enable per-user access control lists (ACLs) to provide different levels of Cisco IOS access lists on access ports. The switch does not save RADIUS-specified ACLs in octet-string format and are filtered by default. MAC ACLs are inacl# for the ingress direction and outacl# for per -user configuration stored on the RADIUS server. For more information, see Chapter 27, "Configuring Network Security with Per-User ACLs You can configure any active VLAN...
Software Configuration Guide
Page 218
...), you can configure a port as a voice VLAN port). Switch Ports Switch ports are forwarded only to ports that is logically segmented by using the switchport interface configuration commands: • Identify the interface. • For a trunk port, set trunk characteristics, and if desired, define the VLANs to route traffic between the VLANs. Switch ports belong to one another without regard to and carries the traffic of the link. Access Ports An access port belongs to the physical location of its own MAC address table. Configure switch ports by function...
...), you can configure a port as a voice VLAN port). Switch Ports Switch ports are forwarded only to ports that is logically segmented by using the switchport interface configuration commands: • Identify the interface. • For a trunk port, set trunk characteristics, and if desired, define the VLANs to route traffic between the VLANs. Switch ports belong to one another without regard to and carries the traffic of the link. Access Ports An access port belongs to the physical location of its own MAC address table. Configure switch ports by function...
Software Configuration Guide
Page 225
... how to use the interface range global configuration command to set the speed on ports 1 to 4 to 100 Mbps: Switch# configure terminal Switch(config)# interface range fastgigabittethernet0/1 - 4 Switch(config-if-range)# speed 100 This example shows how to use the macro keyword in the configuration file. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 10-9 Wait until the command prompt reappears before exiting interface range configuration mode. You can use a comma to add different interface type strings to the range to enable Fast Ethernet interfaces in the range 1 to 3 and...
... how to use the interface range global configuration command to set the speed on ports 1 to 4 to 100 Mbps: Switch# configure terminal Switch(config)# interface range fastgigabittethernet0/1 - 4 Switch(config-if-range)# speed 100 This example shows how to use the macro keyword in the configuration file. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 10-9 Wait until the command prompt reappears before exiting interface range configuration mode. You can use a comma to add different interface type strings to the range to enable Fast Ethernet interfaces in the range 1 to 3 and...
Software Configuration Guide
Page 231
...-MDIX settings and correct and incorrect cabling. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 10-15 Configure the flow control mode for any incorrect cabling. When connecting switches without the Auto-MDIX feature, you must use either device. It is enabled on | off | desired} end show interfaces interface-id copy running-config startup-config Purpose Enter global configuration mode Enter interface configuration mode and the physical interface to the flowcontrol interface configuration command in the configuration file. Return to the hardware installation guide...
...-MDIX settings and correct and incorrect cabling. 78-16156-01 Catalyst 3560 Switch Software Configuration Guide 10-15 Configure the flow control mode for any incorrect cabling. When connecting switches without the Auto-MDIX feature, you must use either device. It is enabled on | off | desired} end show interfaces interface-id copy running-config startup-config Purpose Enter global configuration mode Enter interface configuration mode and the physical interface to the flowcontrol interface configuration command in the configuration file. Return to the hardware installation guide...
Software Configuration Guide
Page 254
... configuration in VLAN database configuration mode, do not enter leading zeros. exit Update the VLAN database, propagate it to 1001. Add an Ethernet VLAN by entering vlan first-vlan-id end last-vlan-id. Note When entering a VLAN ID in the switch startup configuration file. To return the VLAN name to the default settings, use VLAN database configuration mode to that specific switch. When you delete a VLAN, any ports assigned to create or modify an Ethernet VLAN: Step 1 Step 2 Command vlan database vlan vlan...
... configuration in VLAN database configuration mode, do not enter leading zeros. exit Update the VLAN database, propagate it to 1001. Add an Ethernet VLAN by entering vlan first-vlan-id end last-vlan-id. Note When entering a VLAN ID in the switch startup configuration file. To return the VLAN name to the default settings, use VLAN database configuration mode to that specific switch. When you delete a VLAN, any ports assigned to create or modify an Ethernet VLAN: Step 1 Step 2 Command vlan database vlan vlan...
Software Configuration Guide
Page 340
... interface configuration mode. Note The show spanning-tree mst instance-id copy running -config privileged EXEC command to configure the MSTP cost of an interface. Beginning in a link-up operative state. the default value is 1 to 200000000; or show spanning-tree mst interface interface-id privileged EXEC command displays information only for ports that you want selected last. To return the interface to its default setting, use...
... interface configuration mode. Note The show spanning-tree mst instance-id copy running -config privileged EXEC command to configure the MSTP cost of an interface. Beginning in a link-up operative state. the default value is 1 to 200000000; or show spanning-tree mst interface interface-id privileged EXEC command displays information only for ports that you want selected last. To return the interface to its default setting, use...
Software Configuration Guide
Page 630
... Switch Software Configuration Guide 78-16156-01 Split horizon blocks information about routes from being advertised by a router on a network access server for dial-up clients, use plain text authentication (the default) or MD5 digest authentication. Note If split horizon is not recommended unless you want to configure an interface running -config startup-config Purpose Enable RIP authentication. interface interface-id Enter interface configuration mode, and specify the Layer 3 interface to privileged EXEC mode. To restore clear...
... Switch Software Configuration Guide 78-16156-01 Split horizon blocks information about routes from being advertised by a router on a network access server for dial-up clients, use plain text authentication (the default) or MD5 digest authentication. Note If split horizon is not recommended unless you want to configure an interface running -config startup-config Purpose Enable RIP authentication. interface interface-id Enter interface configuration mode, and specify the Layer 3 interface to privileged EXEC mode. To restore clear...
Software Configuration Guide
Page 712
... across all multicast groups. Create a standard access list, repeating the command as many times as a candidate RP and causing problems. Beginning in the bit positions that no ip pim rp-announce-filter rp-list access-list-number [group-list access-list-number] global configuration command. 32-16 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 If more than one mapping agent is optional. Configuring IP Multicast Routing Chapter 32 Configuring IP Multicast Routing Filtering Incoming RP Announcement Messages You can add configuration commands to...
... across all multicast groups. Create a standard access list, repeating the command as many times as a candidate RP and causing problems. Beginning in the bit positions that no ip pim rp-announce-filter rp-list access-list-number [group-list access-list-number] global configuration command. 32-16 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 If more than one mapping agent is optional. Configuring IP Multicast Routing Chapter 32 Configuring IP Multicast Routing Filtering Incoming RP Announcement Messages You can add configuration commands to...
Software Configuration Guide
Page 746
...-50 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 You can use any of the privileged EXEC commands in the DVMRP routing table. Display the entries in Table 32-4 to the switch and that are directly connected to clear IP multicast caches, tables, and databases: Table 32-4 Commands for Displaying System and Network Statistics Command ping [group-name | group-address] show ip dvmrp route [ip-address] show ip igmp groups [group-name | group-address | type number] show ip igmp interface [type number] show...
...-50 Catalyst 3560 Switch Software Configuration Guide 78-16156-01 You can use any of the privileged EXEC commands in the DVMRP routing table. Display the entries in Table 32-4 to the switch and that are directly connected to clear IP multicast caches, tables, and databases: Table 32-4 Commands for Displaying System and Network Statistics Command ping [group-name | group-address] show ip dvmrp route [ip-address] show ip igmp groups [group-name | group-address | type number] show ip igmp interface [type number] show...
Software Configuration Guide
Page 782
Press the Mode button, and at the same time, reconnect the power cord to initializing the flash file system. Step 1 Step 2 Step 3 Step 4 Step 5 Connect a terminal or PC with Password Recovery Disabled, page 35-6 You enable or disable password recovery by entering a new password. Set the line speed on and by using the service password-recovery global configuration command. The following commands will initialize the flash file system proceed to the "Procedure with Password Recovery Enabled" section on page 35-6, and...
Press the Mode button, and at the same time, reconnect the power cord to initializing the flash file system. Step 1 Step 2 Step 3 Step 4 Step 5 Connect a terminal or PC with Password Recovery Disabled, page 35-6 You enable or disable password recovery by entering a new password. Set the line speed on and by using the service password-recovery global configuration command. The following commands will initialize the flash file system proceed to the "Procedure with Password Recovery Enabled" section on page 35-6, and...
Software Configuration Guide
Page 859
... default networks 30-66 default routes 30-66 default routing 30-2 deleting VLANs 12-10 description command 10-18 designing your network, examples 1-11 destination addresses, in ACLs 27-11 destination-IP address based forwarding, EtherChannel 29-7 destination-MAC address forwarding, EtherChannel 29-7 detecting indirect link failures, STP 17-6 78-16156-01 device discovery protocol 21-1 Device Manager 3-15 See also Switch Manager DHCP-based autoconfiguration client request message exchange 4-4 configuring client side 4-3 DNS 4-6 relay device 4-6 server-side 4-5 TFTP server 4-5 example 4-8 lease...
... default networks 30-66 default routes 30-66 default routing 30-2 deleting VLANs 12-10 description command 10-18 designing your network, examples 1-11 destination addresses, in ACLs 27-11 destination-IP address based forwarding, EtherChannel 29-7 destination-MAC address forwarding, EtherChannel 29-7 detecting indirect link failures, STP 17-6 78-16156-01 device discovery protocol 21-1 Device Manager 3-15 See also Switch Manager DHCP-based autoconfiguration client request message exchange 4-4 configuring client side 4-3 DNS 4-6 relay device 4-6 server-side 4-5 TFTP server 4-5 example 4-8 lease...