10-26-2011 03:50 AM
Hi
Would it be possible to change output style of "sh running-config" in SF-300 switches to Cisco IOS-like format (eg.: options related to the specific interface put together, add tabs) in the next release? That would be much more readable.
Thanks for any replay.
10-26-2011 05:27 AM
Hi Bartosz,
I will forward this feature request off to the product manager..
If you would be so kind as to send contact details to dhornste at cisco.com ( remove spaces and replace 'at' with @) I want to dig a little deeper into your request.
regards Dave
10-26-2011 06:29 AM
Witam
The main thing is that "sh running-config" command in SF-300 is unreadable:
==== This is listing from SF-300:
interface gigabitethernet3
lldp med disable
exit
interface gigabitethernet4
lldp med disable
exit
interface vlan 1
ip address 10.0.1.102 255.255.255.0
exit
ip default-gateway 10.0.1.1
ip dhcp information option
interface vlan 1
no ip address dhcp
exit
no boot host auto-config
no bonjour enable
ip access-list extended ACL_PORT_1
permit ip 10.0.1.9 0.0.0.0 any
deny ip any any
exit
ipv6 access-list ACL6_PORT_1
permit ipv6 2001:e::1/128 any
deny ipv6 any any
exit
interface fastethernet1
service-acl input ACL_PORT_1 ACL6_PORT_1
=== And this is listing from C2950:
ip ssh time-out 120
ip ssh authentication-retries 3
ip ssh version 2
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
!
interface FastEthernet0/1
switchport access vlan 100
switchport mode access
ip access-group 101 in
spanning-tree portfast
spanning-tree bpdufilter enable
!
interface FastEthernet0/2
switchport access vlan 100
switchport mode access
ip access-group 102 in
spanning-tree portfast
spanning-tree bpdufilter enable
!
interface FastEthernet0/3
switchport access vlan 100
switchport mode access
ip access-group 103 in
spanning-tree portfast
spanning-tree bpdufilter enable
The commands are almost the same but the way in which they are presetend are totaly different. Main advantages are:
- all options related to a specific interface are in one place
- sections are divided by using "!" mark
- suboptions are prepended by a single space.
Is this possible to modify the output of this command in SF-300 in such a way?
Best regards
Bartosz Kois
Dnia 26-10-2011 o 14:27 otrzymano wiadomość od dhornste
David Hornstein David Hornstein created the discussion
"Re: SF-300 sh running-config output"
To view the discussion, visit: https://supportforums.cisco.com/message/3475061#3475061
10-26-2011 09:59 AM
Yes, we're already working on it. The next major firmware version for the 300 Series switches will support what you're looking for.
Ivor
10-26-2011 10:09 AM
Hi
That`s great. Could you tell me what is the expected EOL for this switch. I`m asking because we are planing to buy around 25 units in the next year for our network as a access switches.
Best regards
Bartosz Kois
10-26-2011 10:10 AM
No EOL plans. This product was released just last year.
10-28-2011 06:57 AM
Hi
There is one more thing I`d like to report. Please compare the speed of CLI interface on Putty and Linux SSH client. There is something that let SSH Linux client display data faster than on Putty.
Best regards
Bartosz Kois
Dnia 26-10-2011 o 19:11 otrzymano wiadomość od idiedric
Ivor Diedricks Ivor Diedricks created the discussion
"Re: SF-300 sh running-config output"
To view the discussion, visit: https://supportforums.cisco.com/message/3475374#3475374
10-31-2011 05:54 AM
Hi
There is also one missing option that I have found during tests. In “config-ip-al” submenu there is no “no” option that allow administrator to delete a specific rule. In case I want to modify a single rule I have to delete access-list and compose it from the beginning.
SWITCH-TEST(config-ip-al)#
deny A deny-ip condition blocks traffic if the conditions
define in the deny statement are matched.
do execute an EXEC-level command
end Exit from configure mode
exit Exit from current context
help Description of the interactive help system
permit A permit condition forward traffic if the conditions
define in the permit statement are matched.
Could you add that in the next release?
Best regards
Bartosz Kois
11-01-2011 09:59 AM
Hi Sir,
Related to ACL Binding issue, we like to know more details from you. Please help. What I understand is that one ACL e.g. Rule1 can bind to one interface e.g. fa1, but you like to bind this ACL "Rule1" to other interfaces e.g. fa2, and fa3. However, you cannot bind this Rule1 to fa2 and fa3 via CLI command. Am I right?
Please kindly advice. Thank you.
11-01-2011 10:58 AM
Hi
My main goal is to provide some security for my network. In this case I want to allow just one specific ip address on each interface. To achive that I configured one acl per each interface (ACL_PORT_1, ACL_PORT_2 etc. …) and bind the respectively to interfaces. The problem is that somehow (in my configuration) traffic on Fa1 port is limited to ACL_PORT_1, but acl on port Fa2 and Fa3 doesn’t work at all (I can send traffic on Fa2 and Fa3 from any ip address).
Best regards
Bartosz Kois
11-01-2011 09:53 PM
Thank you for the reply. We will look into the details and give you update asap.
10-31-2011 10:23 AM
Hi
I`ve probably found another bug. With my test configuration (included in the attachment) access lists apply only to traffic on fa1 port and not for fa2 and fa3 (on fa1 traffic is limted only to specified host whereas on fa2 and fa3 I can pass traffic from any host).
Another thing is that during reload switch should first disconnect SSH session otherwise session hangs.
Best regards
Bartosz Kois
Dnia 26-10-2011 o 19:11 otrzymano wiadomość od idiedric
Ivor Diedricks Ivor Diedricks created the discussion
"Re: SF-300 sh running-config output"
To view the discussion, visit: https://supportforums.cisco.com/message/3475374#3475374
11-14-2011 03:02 PM
Hi
May I ask when it will be available.
Best regards
Bartosz Kois
11-14-2011 10:47 PM
Hi Sir,
We will add "no" ACE command available in the future release. Thank you to point us out.
Meanwhile, we could able to re-produce the ACL binding issue in our lab. We're investigating this issue now. Will update you once we found out the root cause. Thank you.
11-21-2011 04:25 PM
Hi Sir,
We found out the root cause of ACL binding problem. We will fix this problem. Thank you and report this issue to our attention.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide