LAN ports are amber after download config using TFTP

Dec 9th, 2008


I'm struggling with download of a config file from a serverlocation to a 3560 switch. I recieved a new switch and configured it manually. Ahtis this succesfull action and tested the config, I uploaded this config using TFTP to a server location. I clreaed the config on this switch ( reset to factory), connected the switch with a LAN port to the network, booted up the switch, connected via console to the switch and downloaded the saved config from server location to the switch using TFTP. All seems to be ok, but when I connect the switch with fiber to the network, Fiber is OK but all LAN ports are AMBER.

speed and duplew set to auto,no shutdown, same problem

anyone some ideas

Davy Ad Tue, 12/09/2008 - 05:39


What type of interface is that port , check that is capable of Fibre optic(Gigaethernet). Also check your fibre as well.It could be the configuration you upload from TFTP Server has different interface as what you have now.Are the switch the same model?



Wernerke01 Tue, 12/09/2008 - 05:41


all ports are fastethernet ports directly connected to PC

Gigabit ports are working fine

Wernerke01 Tue, 12/09/2008 - 06:18

GENNDSEFLO20#sh inf fa 0/1 fa 0/1

FastEthernet0/1 is up, line protocol is up (connected)

Hardware is Fast Ethernet, address is 0019.aac4.6c03 (bia 0019.aac4.6c03)

Description: USER - vlan 2 backbone

MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive set (10 sec)

Full-duplex, 100Mb/s, media type is 10/100BaseTX

input flow-control is off, output flow-control is unsupported

ARP type: ARPA, ARP Timeout 04:00:00

Last input never, output 00:00:04, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/40 (size/max)

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

333 packets input, 65088 bytes, 0 no buffer

Received 333 broadcasts (0 multicast)

0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

0 watchdog, 0 multicast, 0 pause input

0 input packets with dribble condition detected

376 packets output, 35344 bytes, 0 underruns

0 output errors, 0 collisions, 1 interface resets

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier, 0 PAUSE output

0 output buffer failures, 0 output buffers swapped out

Mark Yeates Tue, 12/09/2008 - 06:21


Have you created the layer 2 VLAN on the switch?

switch#conf t

switch(config)#vlan 2



Wernerke01 Tue, 12/09/2008 - 06:33

interface FastEthernet0/41

description USER - vlan 2 backbone

switchport access vlan 2

no snmp trap link-status

no cdp enable

spanning-tree portfast

interface GigabitEthernet0/1

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1,2,1002-1005

switchport mode trunk

udld port

spanning-tree vlan 1-3 cost 5


interface Vlan1

description NMS default VLAN

ip address

no ip route-cache

no snmp trap link-status


this config I entered first manually and this works.

Only when I install the config using TFTP I have the problem

Mark Yeates Tue, 12/09/2008 - 06:51

Add the following to your TFTP config.

vlan 2

name User VLAN

If this does not help, please post your TFTP config.


viyuan700 Tue, 12/09/2008 - 07:10

As suggested by Mark check have you created vlan2 before you assign port to that vlan.

Light is amber when STP is blocking . Can you check is spanning tree is blocking ur ports

Wernerke01 Wed, 12/10/2008 - 01:20

conf t VLAN 2

int vlan 2

description user - vlan 2 backbone

No ip address

same problem

sh spanning-tree blockedports

no ports blocked

can you tell me what need to be configured for TFTP? Is this realy needed as i can download the complete config from tftp server.

just asking as I'm not so familar with this.

Mark Yeates Wed, 12/10/2008 - 06:48

There shouldn't be anything special to configure the switch from TFTP. Are you able to post the TFTP config?


Wernerke01 Wed, 12/10/2008 - 07:23

do you mean the configuration that will be downloaded by TFTP

for the moment when entering after reboot switch

conf t

Vlan 2

no shutdown

it works

Mark Yeates Wed, 12/10/2008 - 07:30

Yes the configuration downloaded by TFTP. If that is the solution that works for you just add "no shutdown" under VLAN 2 on your TFTP configuration.

Wernerke01 Wed, 12/10/2008 - 07:57

I entered the command no shutdown for vlan 2

and ports are working

did then a copy run to start

uploaded config to server with TFTP

Copy system:/running-config tftp://........B

Copy startup-config tftp://........S

downloaded the running config using TFTP to the switch same problem after manually no shutdown" under VLAN 2 it's working

reseted the switch

downloaded the startup config using TFTP to the switch same problem after manually "no shutdown" under VLAN 2 it's working

viyuan700 Wed, 12/10/2008 - 08:50

Hi Mark and Werner,

Noticed few things in the config,

1. All the ports are in vlan 2 but no IP address for vlan2

2. fast Ethernet interface 0/48 is in vlan 3

3. load sharing is defined for fast Ethernet port 0/48 and Gig0/1. Fast Ethernet is allowed to pass vlan 1-2. First it is in vlan 3 , second if has to pass vlan 2 to other switch then it should be trunk port not access port

4. gigabit Ethernet 0/1 has priority for vlan 1-3 but only vlan allowed is 1-2, 1002-1005.If it has priority for vlan 3 then why it is blocking vlan 3.

From your config looks like that this switch is connected to other switch which has ports in vlan 1 and 3 as all the ports in this switch are for vlan 2. You have defined load sharing between 2 switches on int f0/48 and gig 0/1. Int f0/48 have to be in trunk mode if it is passing vlan 2 infor to other switch Int f0/48 is allowing vlan 1-2

gig 0/1 is allowing vlan 1-3 but vlan 3 is blocked so this port is also allowing vlan 1-2.

This ismy understanding from yourconfig, could you please how ur network diagram is?

Wernerke01 Thu, 12/11/2008 - 00:37

Hi guys,

the file GENNDSEFLO20Manully.txt is the config I put in manually using PUTTY. I connect the switch to the network and all is working fine. Then I upload this config to a server using TFTP, the file GENNDSEFLO20TFTP.txt is the config that's coming out at that moment.

IF you compare both configs the command "no shutdown" is not listed anymore.

For port 48 it was configured this way by A HP engineer as this port has to take over all the traffic when fiber is going down. Port 48 is connected to an other switch also port 48 with the wame config, redundancy. All our floor switches are configered the same way and are connected with fiber to 2 coreswitches.

lejoe.thomas Thu, 12/11/2008 - 05:42

Hi Werner,

If fa0/48 is connected to another switch, please remove spanning-tree portfast under the interface. If fa0/48 is to takeover when Gigabit interfaces goes down, in the current topology it supposed to be a blocked port in STP. As you have indicated there are no blocked ports.

portfast should only be enabled on ports connected to hosts. In this case, it could create STP loops, which is could possibly be a reason why all switch ports are going amber.

under int fa0/48

no spanning-tree portfast



Wernerke01 Thu, 12/11/2008 - 23:22

Hi Lejoe,

still same problem,

manually installation config no problemdownloading the working config using TFTP, ports still amber but after no shutdown vlan 2 it's working.

seems that the command no shutdown is lost some where

lejoe.thomas Fri, 12/12/2008 - 01:44

Hi Werner,

If you made the correction and there's probably loop in the topology, you could reboot the device during offhours and see if the problem goes. Please also provide output of the following

show spanning-tree

show vlans

show running-config



viyuan700 Fri, 12/12/2008 - 13:43

Hi Werner,

Looks like the problem is not with spanning tree.

As i conneceted 2 switch one port was access like ur port 48 and other in trunk mode like ur Gig 0/1port. Defined portfast on port 48.

Though port 48 is port fast when i connect 2 switches the access port turn amber (means its blocking). Trunk port is in forwarding state.

But other ports which are connect to host are fine.

Did u check all ports when they are amber are they in blocking state or something else?

glen.grant Sun, 12/14/2008 - 03:22

Sounds like you configured your switch as a vtp server as such the vlan info is saved in the vlan.dat file which is not part of the config file so any layer 2 vlans you created would not should up in the running config , one of the gotchas of vtp . So when you downloaded the config file it had no layer 2 vlans defined other than vlan 1 which is the default vlan so any port that was in a vlan other than vlan 1 showed amber because it was in a inactive state because there was no layer 2 vlan created for the port definition. If you change the config to vtp transparent mode it will save that info in the running config and you can save it to your tftp server with everything intact. There is nothing special about transferring from a tftp server other than if you are using a unix tftp server then make sure the file permissions are correct . Change your vtp mode to transparent and see what happens .


