03-23-2008 04:54 AM - edited 03-05-2019 09:55 PM
I have a 2950 I inherited, I Did not know the passwrod so I cleared the flas using the instructions from Cisco. I than proceeded to configure the switch many ways. The first was was using a excel template I found and I was able to connect throught the console port no problems and confiure the swtich I also was able to put the switch in Express set up mode. No here is the conunrum After i configure the switch and put the ports into up up mode I connect a ethernet cable to the first 10/100 port or any 10/100 port fot that matter and I the port goes into the proper mode 100MB I also get green link light on the switch and the pc detects the link. But i never get any ethernet traffic to pass. Also if i put the switch into express setup and connect to ethernet port i get no address and cannot connect i have even given the pc fixed address still nothing and yes the four lights are solid to confirm switch is in express setup mode. So to re-iterate i can connect to the cosole and look at everyhing on the switch, but nothing on ethernet seems to work proeperly. I a new to these switches so what am I oing wrong or how can i fault find to determine whats wrong? What am missing help.
03-23-2008 06:12 AM
Hi Carl,
My first question is: how did you check that no traffic is passing between the PC and the switch?
If the traffic check is correct, I would check the auto-negotiation setup of the switch port and the PC port.
The best would be if both were configured for "speed 100" and "duplex full".
Also check, if you connect from the PC to the switch with a straight-through cable.
If these don't work, then I would like to see the interface config by using the output of the following command:
"sh run interface fa0/1" or the interface you are using.
Thank you:
Istvan
03-23-2008 07:41 AM
TCPdump on both sides of switch and connected it to the production network.
I have set the speed and duplex on the swtich to 100 full.
Definatly a straight through( heh heh) I have just never played with these switches before.
here is output.
Switch#sh run interface fa0/1
Building configuration...
Current configuration : 57 bytes
!
interface FastEthernet0/1
speed 100
duplex full
end
Switch#
I went through these instructions as well
SW2950>en
SW2950#conf t
SW2950(config)#int vlan1
SW2950(config-if)#ip add 192.168.1.2 255.255.255.0
SW2950(config-if)no shut
SW2950(config-if)
SW2950#wr mem
SW2950#
Then configure your PC with the following IP configuration,
IP Address: 192.168.1.3
Netmask: 255.255.255.0
Then configure the enable secret password and the VTY lines on the switch
SW2950#conf t
SW2950(config)#enable secret
SW2950(config)#line vty 0 15
SW2950(config-line)#password
SW2950(config-line)#login
SW2950(config-line)#transport input all
SW2950(config-line)#logging synch
SW2950(config-line)#
SW2950#wr mem
SW2950#
and these are the results from that config.
OK went through this it was similar to the spreadsheet. But went through again and the results were similar I can ping the switch but still cannot ssh to it nor access via web, nor deos it allow any other traffic across ( ie cannot access internet web resources if i connect it to production network) But even standalone cannot access the switch via http or ssh.. but i ca ping it.
03-23-2008 06:28 AM
Hi There
Have you configured an IP address on the Vlan1 interface on the switch?
To enable you to connect to the switch via Ethernet you need to have an IP address on the switch and an IP within the same range on the PC.
You do this by creating the VLAN1 interface if it is not already present, applying an IP address and opening up the interface.
SW2950>en
SW2950#conf t
SW2950(config)#int vlan1
SW2950(config-if)#ip add 192.168.1.2 255.255.255.0
SW2950(config-if)no shut
SW2950(config-if)
SW2950#wr mem
SW2950#
Then configure your PC with the following IP configuration,
IP Address: 192.168.1.3
Netmask: 255.255.255.0
Then configure the enable secret password and the VTY lines on the switch
SW2950#conf t
SW2950(config)#enable secret
SW2950(config)#vty line 0 15
SW2950(config-line)#password
SW2950(config-line)#login
SW2950(config-line)#transport input all
SW2950(config-line)#logging synch
SW2950(config-line)#
SW2950#wr mem
SW2950#
Connect the PC to the switch using a straight through CAT5 cable and make sure that the speed and duplex on both the port on the PC and the port on the Switch match.
You should now be able to ping, telnet, ssh to the switch from the PC.
HTH
Best Regards,
Michael
03-23-2008 07:35 AM
OK went through this it was similar to the spreadsheet. But went through again and the results were similar I can ping the switch but still cannot ssh to it nor access via web, nor deos it allow any other traffic across ( ie cannot access internet web resources if i connect it to production network) But even standalone cannot access the switch via http or ssh.. but i ca ping it.
03-23-2008 08:27 AM
You would have to post your config and show us the ports that connect to the rest of the network. Also unless you have the crypto version of code on the switch and you have set up the switch for SSH you will not be able to SSH to it . ARe all the ports in vlan 1 ? If so and your uplinks are not trunked you should be able to plug it in and it should work but its hard to say without seeing the config.
03-23-2008 08:44 AM
I can easily send the entire config if you let me know the cmd to get it all.
03-23-2008 11:22 AM
Hi There
To show the entire configuration, use the command "show run" and post the output.
Also can you telnet to the switch?
I think that you require a cryptographic IOS image on the switch before you can use SSH. Can you also post the output from the command "show version". This will show us the IOS version on the switch.
Check out this link for more information on SSH on a 2950.
Best Regards,
Michael
03-23-2008 11:44 AM
Here is config.
Also cnnot telnet to the box either.
but ping works.
Current configuration : 1224 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
enable secret xxx
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
!
--More-- interface FastEthernet0/1
speed 100
duplex full
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
--More-- !
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
--More-- interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface Vlan1
ip address 192.168.1.9 255.255.255.0
no ip route-cache
!
ip http server
!
line con 0
line vty 0 4
logging synchronous
login
line vty 5 15
logging synchronous
login
!
!
end
Switch#
03-23-2008 05:41 PM
Hi There
There is no password configured under the VTY lines.
Please configure passwords and try to telnet again. If this fails then please post the error message you receive when you attempt to telnet to the switch.
Also please post the output from the command "show version" so we can see if you have a crypto image installed or not, as without a crypto image you will not be able to use SSH.
Best Regards,
Michael
03-23-2008 06:43 PM
I will assume this is a standalone switch and NOT connected to any
other switches.
From the console port:
switch>en
switch#conf t
switch(config)#user cisco pass cisco
switch(config)#enable sec cisco
switch(config)#int vlan 1
switch(config-if)#ip address 192.168.1.1 255.255.255.0
switch(config)-if#no shut
switch(config-if)#exit
switch(config)#interface F0/1
switch(config-if)#switchport
switch(config-if)#switch mode access
switch(config-if)#switch access vlan 1
switch(config-if)#no shut
switch(config-if)#interface f0/2
switch(config-if)#switchport
switch(config-if)#switch mode access
switch(config-if)#swtich access vlan 1
switch(config-if)#no shut
switch(config-if)#exit
switch(config)#line vty 0 15
switch(config)#login local
switch(config)#logging sync
switch(config)#exec-timeout 60 0
switch(config)#session-timeout 60 0
switch(config)#end
switch#
now connect your linux_1 into F0/1 and linux_2 into f0/2.
Assign linux_1 with ip address of 192.168.1.10/24 and linux_2
with an ip address of 192.168.1.20/24
Now linux_1 should be able to ping linux_2 and from either
Linux_1 or Linux_2, you can do this from the CLI:
telnet 192.168.1.1 with user/pass cisco/cisco
after that, go into enable mode with "cisco" as the enable
secret password.
CCIE Security
03-24-2008 12:20 AM
Hi there,
1. Did you checked wether you configured Default-Gateway correctly / not?
2. are you able to communicate between your 2950s & what L3.
Regards,
Naidu.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide