To change the number of lines before pausing in long output:
terminal length lines (where lines is 0 to 511) - put in 0 for don't pauseTo change current switch for configuration in a stack
To list the swich numbers in the stack: show switch To change the current switch in stack context: session 1 session 2
Whack that port back to default -
conf t default interface gi1/0/2
To show all ports on all of the stack: - handy to find the port name of the port in a stack....
show interfaces switchport
Connect to the usb (sorta serial) port on newer switches?
Give screen a go:
screen /dev/ttyUSB1 9600 (newer 300 sort of Linux based switches up that to 115200)
bring an interface up or down?
no shutdown <- interface up shutdown <- interface down (check out the test a setting section below to keep from shooting yourself in the foot first!)
need to just find out what the device is and other info?
enable sh version Or to find details for cards: show diagbus
How about if you have a computer on a port, and you want to figure out what port it is on (Cisco only trick):
Grab this tool: http://sourceforge.net/projects/cdpr/
Might need this as well (winpcap): http://www.winpcap.org/
Thanks monkeymental.com !
cdpr cdpr - Cisco Discovery Protocol Reporter Version 1.0.7 Copyright (c) 2002 - MonkeyMental.com 1. \Device\NPF_GenericNdisWanAdapter (Generic NdisWan adapter) 2. \Device\NPF_{blahblah} (AMD PCNet Adapter) Enter the interface number (1-2):2 Using Device: \Device\NPF_{blahblah} Waiting for CDP advertisement (default config is to transmit CDP packets every 60 seconds) Device ID value: switch101 Addresses value: 10.6.8.253 value: 10.6.8.253 Port ID value: GigabitEthernet0/5
- Alternate method:
Parthiban show how in his blog, using tcpdump:
http://www.lazysystemadmin.com/2011/09/find-out-which-switch-port-connected.html
In case that link goes away, here is an example - replace eth0 with your wired interface name: tcpdump -nn -v -i eth0 -s 1500 -c 1 'ether[20:2] == 0x2000' Check for port id in the output: Port-ID (0x03), length: 20 bytes: 'GigabitEthernet1/0/3'
Have an unsupported gbic module? (WARNING! - can case warranty issues see warnings that the command issues!)
Here is a list of supported gbic modules on the 2960 at least:
Also, if the "unsupported command" gets knocked out by a future Cisco IOS upgrade, you are on your own (not that you did not know that already, as you are reading a geek blog).
Links for future reference. Thanks folks!
http://www.velocityreviews.com/forums/t35169-gbic-down.html http://www.wifi-forum.com/wf/showthread.php?t=71439 http://www.elemental.net/~lf/undoc/
telnet switchip (if unconfigured, boot and hold the mode button - with no devices connected) until the 4 leds turn green - about 2 seconds - then release and go to 10.0.0.1 after setting up your computer for the range and connecting the Ethernet cable) enable show interfaces status err-disabled (see that you have gbic-invalid port!) configure terminal no errdisable detect cause gbic-invalid service unsupported-transceiver #possibly with "config IOS" at the end? end copy run start reload
To get the sfp port working (by disabling the paired copper Gig port on a cisco 2960 -
enable configure terminal interface gi0/1 media-type sfp end show interfaces gi0/1 transceiver properties (see that you get Configured Media: sfp) - note, this disables the copper port below on the 2960. copy run start reload
To "test" a setting that may make you lose your connection:
reload in 5 #reboot switch and reload original config in 5 min - go Scotty go! make changes you need to test and if you loose connection, the reload is still in place. If all is well, cancel the reload with this: reload cancel This makes a nice way to not have to tell end users to unplug a remote switch / router Don't forget to save! copy start run
To find the switch port devices are on using Cisco IOS:
show mac-address-table show mac address-table
To set up remote syslog using Cisco IOS:
enable config logging on logging w.x.y.z logging trap debugging service timesamps log uptime exit copy run startmore info on troubleshooting a t1 and syslog here:
http://www.cisco.com/en/US/tech/tk713/tk628/technologies_tech_note09186a00800a5f40.shtml
http://www.cisco.com/en/US/products/sw/cscowork/ps2073/products_tech_note09186a00800a7275.shtml
Telnet in with Python and snag the interface counters
Ever want to get more than shown by syslog but don't have all day and night to stay up and capture the interface status?
Well, today is your lucky day. Just edit the script and set up a nice cron job for it and you can log the status using Python and telnetlib!
Enjoy: ciscointerface.py
Configure an ip address
conf t interface vlan 1 ip address 192.168.0.2 255.255.255.252 no shut switch(config)#write now you need a password set: switch(config)#line vty 0 15 switch(config-line)#password blah switch(config-line)#transport input telnet switch(config-line)#login switch(config-line)#exit switch#copy running-config startup-config switch#config switch(config)#enable secret enablesecretpassword switch(config)#exit switch#copy running-config startup-config Try to telnet in from elsewhere with the password (and new enable password).Set a host name
enable conf t hostname xyz end copy running-config startup-config
Configure a trunk for vlan propagation.
On the switch that is considered the vtp server (there can be only one): conf t vtp mode server vtp domain somename vtp password somepassword copy run start On the other switches: conf t vtp mode client vtp domain somename vtp password somepassword copy run start - update - make sure vtp version is 2 or you will get : *** MD5 digest checksum mismatch on trunk - if you do it later, you will have to set vtp version 3 and then back to 2 on the fly. Now set up trunking on your interconnection interfaces: (first the master switch - i.e. vtp server): conf t interface te1/0/1 switchport mode trunk (don't fret if the locks for a bit, wait for it!) switchport trunk allowed vlan 1,100 no shutdown do the trunk setup on the other client switches the same way. Now set up some vlans on the master switches access ports and some on the client switches and give it a spin! configure terminal (config)#interface fastethernet 0/2 (config-if)#switchport mode access (config-if)#switchport access vlan 100 (config-if)#exit (config)#interface fastethernet 0/3 (config-if)#switchport mode access (config-if)#switchport access vlan 100 (config-if)#end #write memory copy run start Go back to the master switch and configure an IP in the new vlan space: conf t interface vlan 100 ip address 192.168.100.5 255.255.255.0 To check the vtp config: show vtp status show vtp counters Check for advertisements from each of the switches and the status of the trunk ports!Getting "max retries removing client" from your old Aironet AP's?
config t interface dot11radio 0 packet retries 128 drop-packet end copy run start
The value ranges from 1-128. 128 seems to work for me when many clients are in use.
The dot11radio is 0 or 1 depending on B/G or A radios.
Is the Java in the web page for the Aironet devices you have full of the suck?
Since newer browsers won't show associations, you can get it via telnet (assuming you have that enabled):
show dot11 associations
Cisco NCS Prime Infrastructure - reset admin user via the vm console"
configure terminal username admin password plain NEWSECRETPASSWORD role admin exit copy run start
Cisco NCS Prime Infrastructure - shutdown via the console
Log in as admin # ncs stop # halt
Cisco NCS Prime Infrastructure - no web interface for you?
Check it via the console vm: show application status NCS (see what is started / stopped / broken) NCS stop NCS cleanup NCS start Hope that works. More drastic measures: NCS DB reinitdb <- clears out all data so don't do this unless you like setting everything up again
Cisco NCS Prime Infrastructure - weak in the keys? Is a weak ssl cert stopping your from managing via the web interface?
Found the workaround here: https://supportforums.cisco.com/discussion/12552276/pi-21-and-firefox-39
I am repeating the info from the link above in case it disappears in the future (before this blog does): If you have problems with weak ssl keys and new browsers, here is a Firefox workaround: about:config -> search security.ssl3.dhe_rsa_aes -> Double click each result (128 and 256) to toggle the Value to "false" Change these settings back when you're done.
For a Cisco WLC 5500 series:
Change the management user password:
show mgmtuser config mgmtuser password (mgmtusername) (new password)
Add a new user (read-write):
config mgmtuser add (new mgmtusername) (password for new mgmtusername) read-write
Linux vlan howto (brief):
apt install vlan create vlan interface compatible with the vconfig naming. (i.e. deviceX.Y - Y = vlan number) ifup device0.50 (skip 1 and stay below 4096 for numbering for sure...0 (ensure 8021q module is loaded) Trunk with: (Ubuntu 16.04 and up you must do this one first - before ifup) ip link add link ethX name ethX.Y type vlan id Y - verify it is up with (ip link) if not, set up with ip link set deviceX.Y up (bring vlan up) ip link del ethX.Y (to remove) Don't forget to do an ifup ethX.Y (if you still use the old form /etc/network/interfaces) - and add: vlan-raw-device ethX.Y