Cisco 2950 Switch

Unanswered Question
Mar 23rd, 2008
User Badges:

I have a 2950 I inherited, I Did not know the passwrod so I cleared the flas using the instructions from Cisco. I than proceeded to configure the switch many ways. The first was was using a excel template I found and I was able to connect throught the console port no problems and confiure the swtich I also was able to put the switch in Express set up mode. No here is the conunrum After i configure the switch and put the ports into up up mode I connect a ethernet cable to the first 10/100 port or any 10/100 port fot that matter and I the port goes into the proper mode 100MB I also get green link light on the switch and the pc detects the link. But i never get any ethernet traffic to pass. Also if i put the switch into express setup and connect to ethernet port i get no address and cannot connect i have even given the pc fixed address still nothing and yes the four lights are solid to confirm switch is in express setup mode. So to re-iterate i can connect to the cosole and look at everyhing on the switch, but nothing on ethernet seems to work proeperly. I a new to these switches so what am I oing wrong or how can i fault find to determine whats wrong? What am missing help.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Istvan_Rabai Sun, 03/23/2008 - 06:12
User Badges:
  • Gold, 750 points or more

Hi Carl,


My first question is: how did you check that no traffic is passing between the PC and the switch?


If the traffic check is correct, I would check the auto-negotiation setup of the switch port and the PC port.


The best would be if both were configured for "speed 100" and "duplex full".


Also check, if you connect from the PC to the switch with a straight-through cable.


If these don't work, then I would like to see the interface config by using the output of the following command:


"sh run interface fa0/1" or the interface you are using.


Thank you:

Istvan


craeside2 Sun, 03/23/2008 - 07:41
User Badges:

TCPdump on both sides of switch and connected it to the production network.

I have set the speed and duplex on the swtich to 100 full.

Definatly a straight through( heh heh) I have just never played with these switches before.


here is output.


Switch#sh run interface fa0/1

Building configuration...


Current configuration : 57 bytes

!

interface FastEthernet0/1

speed 100

duplex full

end


Switch#



I went through these instructions as well


SW2950>en

SW2950#conf t

SW2950(config)#int vlan1

SW2950(config-if)#ip add 192.168.1.2 255.255.255.0

SW2950(config-if)no shut

SW2950(config-if)

SW2950#wr mem

SW2950#


Then configure your PC with the following IP configuration,


IP Address: 192.168.1.3

Netmask: 255.255.255.0


Then configure the enable secret password and the VTY lines on the switch


SW2950#conf t

SW2950(config)#enable secret

SW2950(config)#line vty 0 15

SW2950(config-line)#password

SW2950(config-line)#login

SW2950(config-line)#transport input all

SW2950(config-line)#logging synch

SW2950(config-line)#

SW2950#wr mem

SW2950#





and these are the results from that config.


OK went through this it was similar to the spreadsheet. But went through again and the results were similar I can ping the switch but still cannot ssh to it nor access via web, nor deos it allow any other traffic across ( ie cannot access internet web resources if i connect it to production network) But even standalone cannot access the switch via http or ssh.. but i ca ping it.




Hi There


Have you configured an IP address on the Vlan1 interface on the switch?


To enable you to connect to the switch via Ethernet you need to have an IP address on the switch and an IP within the same range on the PC.


You do this by creating the VLAN1 interface if it is not already present, applying an IP address and opening up the interface.


SW2950>en

SW2950#conf t

SW2950(config)#int vlan1

SW2950(config-if)#ip add 192.168.1.2 255.255.255.0

SW2950(config-if)no shut

SW2950(config-if)

SW2950#wr mem

SW2950#


Then configure your PC with the following IP configuration,


IP Address: 192.168.1.3

Netmask: 255.255.255.0


Then configure the enable secret password and the VTY lines on the switch


SW2950#conf t

SW2950(config)#enable secret

SW2950(config)#vty line 0 15

SW2950(config-line)#password

SW2950(config-line)#login

SW2950(config-line)#transport input all

SW2950(config-line)#logging synch

SW2950(config-line)#

SW2950#wr mem

SW2950#


Connect the PC to the switch using a straight through CAT5 cable and make sure that the speed and duplex on both the port on the PC and the port on the Switch match.


You should now be able to ping, telnet, ssh to the switch from the PC.


HTH


Best Regards,


Michael

craeside2 Sun, 03/23/2008 - 07:35
User Badges:

OK went through this it was similar to the spreadsheet. But went through again and the results were similar I can ping the switch but still cannot ssh to it nor access via web, nor deos it allow any other traffic across ( ie cannot access internet web resources if i connect it to production network) But even standalone cannot access the switch via http or ssh.. but i ca ping it.

glen.grant Sun, 03/23/2008 - 08:27
User Badges:
  • Purple, 4500 points or more

You would have to post your config and show us the ports that connect to the rest of the network. Also unless you have the crypto version of code on the switch and you have set up the switch for SSH you will not be able to SSH to it . ARe all the ports in vlan 1 ? If so and your uplinks are not trunked you should be able to plug it in and it should work but its hard to say without seeing the config.

craeside2 Sun, 03/23/2008 - 08:44
User Badges:

I can easily send the entire config if you let me know the cmd to get it all.

Hi There


To show the entire configuration, use the command "show run" and post the output.


Also can you telnet to the switch?


I think that you require a cryptographic IOS image on the switch before you can use SSH. Can you also post the output from the command "show version". This will show us the IOS version on the switch.


Check out this link for more information on SSH on a 2950.


http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_20_ea2/configuration/guide/swauthen.html



Best Regards,


Michael



craeside2 Sun, 03/23/2008 - 11:44
User Badges:

Here is config.


Also cnnot telnet to the box either.

but ping works.



Current configuration : 1224 bytes

!

version 12.1

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Switch

!

enable secret xxx

!

ip subnet-zero

!

!

spanning-tree mode pvst

no spanning-tree optimize bpdu transmission

spanning-tree extend system-id

!

!

!

!

--More-- interface FastEthernet0/1

speed 100

duplex full

!

interface FastEthernet0/2

!

interface FastEthernet0/3

!

interface FastEthernet0/4

!

interface FastEthernet0/5

!

interface FastEthernet0/6

!

interface FastEthernet0/7

!

interface FastEthernet0/8

!

interface FastEthernet0/9

!

interface FastEthernet0/10

!

interface FastEthernet0/11

--More-- !

interface FastEthernet0/12

!

interface FastEthernet0/13

!

interface FastEthernet0/14

!

interface FastEthernet0/15

!

interface FastEthernet0/16

!

interface FastEthernet0/17

!

interface FastEthernet0/18

!

interface FastEthernet0/19

!

interface FastEthernet0/20

!

interface FastEthernet0/21

!

interface FastEthernet0/22

!

--More-- interface FastEthernet0/23

!

interface FastEthernet0/24

!

interface Vlan1

ip address 192.168.1.9 255.255.255.0

no ip route-cache

!

ip http server

!

line con 0

line vty 0 4

logging synchronous

login

line vty 5 15

logging synchronous

login

!

!

end


Switch#

Hi There


There is no password configured under the VTY lines.


Please configure passwords and try to telnet again. If this fails then please post the error message you receive when you attempt to telnet to the switch.


Also please post the output from the command "show version" so we can see if you have a crypto image installed or not, as without a crypto image you will not be able to use SSH.



Best Regards,


Michael

cisco24x7 Sun, 03/23/2008 - 18:43
User Badges:
  • Silver, 250 points or more

I will assume this is a standalone switch and NOT connected to any

other switches.


From the console port:


switch>en

switch#conf t

switch(config)#user cisco pass cisco

switch(config)#enable sec cisco

switch(config)#int vlan 1

switch(config-if)#ip address 192.168.1.1 255.255.255.0

switch(config)-if#no shut

switch(config-if)#exit

switch(config)#interface F0/1

switch(config-if)#switchport

switch(config-if)#switch mode access

switch(config-if)#switch access vlan 1

switch(config-if)#no shut

switch(config-if)#interface f0/2

switch(config-if)#switchport

switch(config-if)#switch mode access

switch(config-if)#swtich access vlan 1

switch(config-if)#no shut

switch(config-if)#exit

switch(config)#line vty 0 15

switch(config)#login local

switch(config)#logging sync

switch(config)#exec-timeout 60 0

switch(config)#session-timeout 60 0

switch(config)#end

switch#


now connect your linux_1 into F0/1 and linux_2 into f0/2.

Assign linux_1 with ip address of 192.168.1.10/24 and linux_2

with an ip address of 192.168.1.20/24


Now linux_1 should be able to ping linux_2 and from either

Linux_1 or Linux_2, you can do this from the CLI:


telnet 192.168.1.1 with user/pass cisco/cisco

after that, go into enable mode with "cisco" as the enable

secret password.


CCIE Security

ilnaiduccna Mon, 03/24/2008 - 00:20
User Badges:


Hi there,


1. Did you checked wether you configured Default-Gateway correctly / not?


2. are you able to communicate between your 2950s & what L3.



Regards,

Naidu.

Actions

This Discussion