Cisco AAA/Identity/Nac :: Ws-c3750-48ps Enable Dot1x On Stack I
May 31, 2013
I have 3 ws-c3750-48ps in a stack and i'd like to enable dot1x on the stack I entered the commands: [code] I also have dot1x enabled on several interface on the 2nd and 3rd switches in the stack with these commands [code] dot1x successfully works on these ports and I see the logs in acs, heres where the problem comes in when i try to enable dot1x using the above commands on any interface on the first switch in the stack it doesn't work its like the switch doesn't support dot1x. I'm assuming that there is a bug in version 3 but after googling I didn't come up with much.
View 6 Replies
ADVERTISEMENT
Apr 17, 2013
I have production stack in the following config:
Switch Ports Model SW Version SW Image
------ ----- ----- ---------- ----------
* 1 52 WS-C3750-48P 12.2(25)SEE4 C3750-IPSERVICESK9-M
2 52 WS-C3750-48P 12.2(25)SEE4 C3750-IPSERVICESK9-M
I want to add 3-rd switch to it:
Switch: WS-C3750G-48PS 12.2(25)SEE3 C3750-IPSERVICESK9-M
Will this configuration work? My main concern is IOS difference?
View 3 Replies
View Related
Mar 3, 2013
I have 3750-48PS-S in production and would like to stack it with C3750G-48PS. Both switches are running code:
c3750-ipservicesk9-mz.122-50.SE3.bin
View 3 Replies
View Related
Jul 27, 2011
Whenever I add devices in CiscoWorks and do not manually specify the device type. CiscoWorks find itself wrong device types for it, For example I have found that mostly it classify WS-C3750-48PS-S as below device types; [code]
Also found that WS-C3560-24PS-S discovered as 7600 series routers.
View 3 Replies
View Related
Dec 13, 2012
After powering up a WS-C3750-48PS switch, Normal POST LED flashing of lights does not happen, instead the switch is stuck in SYST Mode on the front panel. My attempt to hold down the mode button upon powering up for 15 sec fails to reboot the switch. I cannot console to the switch. Is this switch unrecoverable? Should I RMA with TAC?
View 5 Replies
View Related
Jul 9, 2012
I want to upgrade the IOS version of 3750 48PS switches. these stacks are located on different building some of the them having 2 members and some have 3 members in a stack.step by step to upgrade the IOS of these switches.
View 1 Replies
View Related
Jan 21, 2013
just wonder if the Cisco Stack Wise 50CM Stacking Cable is freely available when purchasing Cisco Catalyst 3750G-48PS-E or we need to pay for it?
View 2 Replies
View Related
Aug 25, 2012
I have been experiencing a strange problem i have a switch stack of 3750 in which 4 switches are cascaded. there is one one switch shows PROVISIONED status when I run "show switch". i have verified the stack cable connectivity its OK.
now when i try to console that particular switch i am unable to access it as well. I tried to reboot that switch and on reboot it only shows one LED syst blink once and after that remains constant and nothing happens to other LEDS. from the back of the switch FAN is working fine.
View 4 Replies
View Related
Sep 17, 2012
I have a Cisco 6509 with IOS "s222-ipservicesk9_wan-mz.122-18.SXF16.bin"I need to enable dot1x on user's ports on the switch. each user is connected to the switch through the IP phone.
I just found out that I can not enabled dot1x on trunk port. I have tried to use "switchport voice vlan " but I got:
Switch(config-if)#switchport voice vlan 123
Command rejected: Gi7/20 is Dot1x enabled port.
let me know what should I do to get dot1x working?
Note: I have connected a laptop directly to the port and dot1x is working fine.
View 5 Replies
View Related
Dec 10, 2012
I was thinking of upgrading the IOS of a number of c3750 stack (roughtly about 50-100 stacks around the country)...I would like to know is this feasible?
My CiscoWork NMS is connected with a low bandwidth (2Mbps) management link. I was thinking if I upgrade via CW2k, then RME will take "ages" to push the IOS to the stack, right? Is this feasbile for 100+ stack of switches?
View 5 Replies
View Related
Sep 11, 2012
I am in the process of upgrading our stack of 4 switches consist of WS-C3750G-48PS. Upon reading release notes found that there are two versions of release notes 1 day apart, the one 02 Sep 2012 saying that WS-C3750-48PS is not supported in this version. Then in release next day 03 Sep 2012 that note has been removed. Which one is correct. Is it supported with my model of switch or not.also unable to update boot path in the stack switches, "switch all" is not supported in the current IOS. Master switch has new boot path but unable to change in slaves.
View 1 Replies
View Related
Jul 8, 2012
I have 2 switches c3750 which I want to install in stack to replace two Nortel switch that I have in production.
When connecting my new stack of cisco switches to a cisco router c3750 to 2600, they begin to restart by itself. I mean, There is a cisco router 2600. which I want to connect to the stack of switches. The problem is that when the switches connect to the router it begins to restart.
If you need to see the running config of the cisco Switches or the 2600 router.
View 3 Replies
View Related
Mar 13, 2011
We have existing stack of 3 units of WS-C3750-48TS-S ( 100 mbps ports with Gigabot uplinks). with IOS as follows, Can we add WS-C3750G-48PS-S in this same stack (this is 48 Gigabit ports)?
View 2 Replies
View Related
Feb 4, 2013
According to cisco manual in order to change SDM template i need to reboot switch, but when i have C3750-X stack do i need to reboot stack or maybe will be enough reboot in sequence the stack members?
View 3 Replies
View Related
Feb 3, 2012
can i stack cisco (ws-c3750G-12s) with (ws-c3750X-24p-poe-s) with (ws-c3750-48p-10/100 poe) i mean even a switch is 10/100 and the other switch is 10/100/1000?
View 3 Replies
View Related
Sep 30, 2009
Is it possible to upgrade a c3750-stack one member at a time to avoid downtime? I need to keep L3-functionality up.
If I have one etherchannel from access-switch (2 channel-ports in 3750, in different stack-members), my 3750-stack as a distribution layer switch, and another etherchannel (also spread over multiple stack members) to core, can I upgrade the entire stack without traffic interruption?
View 5 Replies
View Related
Nov 27, 2012
a) I have three C3750-X switch stack together as my SAN switch and running on the new 15.0 release which is 15.0(1) SE.
b) Recently the master switch rebooted without any explanation. Create ticket with TAC and got an answer that it is due to a bug with ID: CSCtr31957.
My question is, which release that should i choose either the 15.0(1) SE3 or the latest 15.0(2)? Will it affect any of my configuration if i change to 15.0(2)?
Finally, what is the best practice to upgrade IOS in a stack whether to upgrade it 1 switch at a time or do it to all at once?
View 3 Replies
View Related
Feb 13, 2012
Is that possible add WS-C3750-48TS-E to ws-c3750e-48td stack?
View 4 Replies
View Related
Jan 1, 2012
I have 8 switch stack consisting of six WS-C3550-48P and two WS-C3750G-16TD running software vesrion 12.2(25) SEB1. When I added new C3750v2-24PS (running image 12.2(50) SE5) in stack so I up-graded the image of existing 8 switches with latest veriosn 12.2(50) SE5. Once I have done with the upgrade then all ports of my stack switches went down after around five minuts. Is it image compatibility issue with existing switches or something else?
View 7 Replies
View Related
Aug 9, 2012
We have WS-C3750-24FS switches stacked supporting users on our LAN. I want take advantage of the netflow capabilities of the WS-C3750X using the C3KX-SM-10G card.
Would I be to see netflow data coming from the WS-C3750's if I stacked it with the WS-C3750X?
Also I read that the C3KX-SM-10G card would support a 1G SFP is that correct?
View 1 Replies
View Related
Jan 24, 2010
I want to setup the ACS 5.1 for dot1x-Port authentication. I want to make a machine authentication against an AD-Domain and I got the following error Message:24435 Machine Groups retrieval from Active Directory succeeded
View 13 Replies
View Related
Apr 9, 2012
I have a 2960 sw configured for dot1x authentication, the problem is the Guest VLAN and Restricted VLAN didnot work. The switch port was stuck in authenticating status. The server is Juniper IC4500.
View 2 Replies
View Related
Apr 5, 2012
This weekend we have upgraded the ios on quite a few switches on a larger site, the site is a mix of 2960 and 3560 switches and the previouse ios versions were 12.2.44 on most switches but some had an older 12.2.25.On monday when we came into work we got a call that most of the ports on these switches were an amber color and most people could't use the network.After some investigation we discovered that we had a problem with dot1x so for a quick solution we just removed it from the switches and restarted all the ports with no dot1x enabled,[code]
View 6 Replies
View Related
Aug 12, 2012
Is it possible to set up a multi use port that will use dot1x to authenticate several laptops, only 1 connected at a time, but I need the phone to automatically connect without having to make changes to the phone config as I don't have access to the Cisco call manager to set up the authentication.
Setup would be using catalyst 3650x at the access layer, various Cisco ip phones models and a Cisco acs 4.2 server doing the authentication. The laptops would be plugged in through the phone. The switch is already in use and setup and using both data and voice vlans, but now I need to enable it for several users. The acs is already setup to authenticate our wireless network so I'm planning on using the same setup for the wired side.
View 1 Replies
View Related
Jan 17, 2013
I was looking for a way the manually re-authenticate dot1x client from cli and found this: [URL]
"You manually reauthenticate the client by entering the dot1x reauthenticate interface interface-id privileged EXEC command"
I've tried it 2960 with 12.2(58)SE and 15.0(2)SE, but it doesn't seems to be implemented. Have I missunderstood something? Or do you guys have any other command to accomplish a manually re-auth?
View 6 Replies
View Related
Sep 27, 2012
I am having an issue on a Cisco 3750 stack where when the stack master is rebooted, all my lacp port-channels drop and then come back up again. After doing some investigation It seems that it is happening because of lacp using the stack master mac-address as part of the system-id, so when the stack master reboots, the stack mac changes. I see that there is the command: stack-mac persistent timer 0
There is this warning about using this command:
When you configure this feature, a warning message displays the consequences of your configuration. You should use this feature cautiously. Using the old master MAC address elsewhere in the domain could result in lost traffic.
My question are:
Are there any other consequences to using this command (apart from moving the switch/mac to another location in the network)It mentions 'If the entire switch stack reloads, it acquires the MAC address of the master as the stack MAC address' Is this still the case if you have the stack-mac persistent timer to 0? Does using channel-group mode on for the port-channels still use the same mechanism of having a system-id? (Will the channels flap using 'mode on' when rebooting the stack master.
View 4 Replies
View Related
Aug 11, 2011
I configured dot1x on my swicth 4500 series, Here is the interface configration:
interface FastEthernet3/2
description Test dot1x
switchport mode access
load-interval 30
authentication event fail action authorize vlan 800
authentication host-mode multi-host
authentication port-control auto
[code]....
When I remove the port-control configuration on the interface, the status change to UP/UP.
View 1 Replies
View Related
Jun 14, 2011
I am not on site and I have not seen a WS-C3750V2-24PS-S. Customer has a stack of 6 x WS-C3750V2-24PS-S and one unit has failed. We do not have a WS-C3750V2-24PS-S spare. Can we replace it with a standard WS-C3750-24PS-S (not V2) switch and be part ofthe stack.
1. Are there any traps gotchas?
2. What about IOS versions - aren't they different for V2 switches
3. Are the stack ports and stack cables same for both WS-C3750V2-24PS-S and WS-C3750-24PS-S
4. What is the main reason for bringing out the V2 switches. What features do they have extra?
View 3 Replies
View Related
Oct 4, 2011
We have c3750s running NAC 4.8. Occassionally, a workstation will flap between the untrusted and trusted vlans. We updated the NIC drivers on the workstation, we verified SNMP was functioning correctly on the switch, and we allowed the phones to act as the pass-through between the workstation and the switch. What could cause the workstation IP Address to not redirect to a TRUSTED VLAN from the NAC_UNTRUST VLAN? All updates have been downloaded to the workstation.
View 1 Replies
View Related
Jun 4, 2011
I have created internal user on internal identiy store --> users with password & enable password , Similarly i have enabled max privilige level 15 under policy elements , authorisation & permission ,Device administration , shell profile .But i am unable to login into device using enable password , I am finding following error on my logg report
Failuire reason : 13029 Requested privilige level is too high .
View 3 Replies
View Related
Jan 28, 2013
How to configure authentication of enable password using acs 5.3. I have installed acs 5.3 and created user and gave relevant passwords. Following config is done on router
aaa new-model
aaa authentication login default group tacacs+ local
aaa authen enable default group tacacs+ enable
tacacs-server host x.x.x.x key xxxxx
Now when I telnet router, i can authenticate username/pass with acs5.3 but when i try to enter enable command and give password, it gives me error in authentication. What is the process of configuring enable passwords?
View 6 Replies
View Related
Feb 28, 2013
We are using ACS 5.3 with two servers in a distributed solution.All logs are collected on primary server so when this server fails all logs are lost.How can I enable log on secondary server also?
View 2 Replies
View Related
Oct 12, 2011
ACS and i would like to know how to enable the "Configuration Audit" for someone login to my network devices using their ACS login and i can monitor what they did on it.
ACS Version : 5.2.0.26
View 6 Replies
View Related