cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3454
Views
0
Helpful
10
Replies

Shut down Port / Vlan / 3560

I need to shut down access to the network for a specific time frame.  I would like to do this to a remote switch.  As an example;  Vlan 220 or ports gig 0/1, 0/3-7 and gig 0/9 or if need be the entire switch from ; 1830 - 0100 hours 31 Dec 09.  I am using Putty and SSH.

Thanks

Pat

1 Accepted Solution

Accepted Solutions

The examples as written will shutdown the layer 3 VLAN 220 interface on the local switch only.  If those switches are not routing that VLAN, and you want to shutdown the layer 2 VLAN, then replace the interface command with:

"vlan 220"

This, of course, assumes these switches are in VTP transparent mode.  However, if there are other commands you want to run, you can modify the applets accordingly.  Essentially, you can run any CLI commands within an applet that you would normally run manually.

View solution in original post

10 Replies 10

Joe Clarke
Cisco Employee
Cisco Employee

What version of code is running on the switch in question?  It sounds like a local EEM solution would be best here.

Ver 12.2(50)SE3, I am not familar with EEM.

You could accomplish what you want using two EEM applet policies.  For example, if you configure the following in your switch's config, then interface Vlan 220 will go down at 1830 on 12/31, and come back up at 0100 on 1/1:

event manager applet shutdown-vlan

event timer cron cron-entry "30 18 31 12 *"

action 1.0 cli command "enable"

action 2.0 cli command "config t"

action 3.0 cli command "int vlan220"

action 4.0 cli command "shut"

action 5.0 cli command "end"

event manager applet noshut-vlan

event timer cron cron-entry "0 1 1 1 *"

action 1.0 cli command "enable"

action 2.0 cli command "config t"

action 3.0 cli command "int vlan220"

action 4.0 cli command "no shut"

action 5.0 cli command "end"

You could adapt these examples to shutdown additional ports as required.

J,

It appears that these commands can only be run on the Router, in my case 6509, Cisco IOS Software, s72033_rp Software (s72033_rp-ADVIPSERVICESK9_WAN-M), Version 12.2(33)SXH3, RELEASE SOFTWARE (fc1).

I only want to shut down vlan 220 on two remote switches only for the specific time.  Will your provided code shut down the Vlan in the entire network or only the two specific switches, 000.000.000.001 and 000.000.000.002, I need the vlan to stay up on all the other switches.

Thanks

Pat

event manager applet shutdown-vlan
event timer cron cron-entry "30 18 31 12 *"
action 1.0 cli command "enable"
action 2.0 cli command "config t"
action 3.0 cli command "int vlan220"
action 4.0 cli command "shut"
action 5.0 cli command "end"

event manager applet noshut-vlan
event timer cron cron-entry "0 1 1 1 *"
action 1.0 cli command "enable"
action 2.0 cli command "config t"
action 3.0 cli command "int vlan220"
action 4.0 cli command "no shut"
action 5.0 cli command "end"

The examples as written will shutdown the layer 3 VLAN 220 interface on the local switch only.  If those switches are not routing that VLAN, and you want to shutdown the layer 2 VLAN, then replace the interface command with:

"vlan 220"

This, of course, assumes these switches are in VTP transparent mode.  However, if there are other commands you want to run, you can modify the applets accordingly.  Essentially, you can run any CLI commands within an applet that you would normally run manually.

J,

Once again THANK YOU.......

Pat

J,

Is there a particular book you could recommend that a novice could get to assist in the understanding and use of EEM?

Thanks

Pat

IDEEM from http://www.nidussoft.com/ is a commercial IDE for EEM: "...syntax checking, event and action wizards, policy management, compatibility verification, event simulation and Tcl policy debugging." It would seem to be a nice aid to EEM novices.

I've used IDEEM, and if you want to get into Tcl scripting, it's greate for coming up to speed quickly.  However, if you just want to stick with applets, it may be overkill.  I'd say try it out to see if you like it, but they pulled their demo version a while back.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco