Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Shut down Port / Vlan / 3560

I need to shut down access to the network for a specific time frame.  I would like to do this to a remote switch.  As an example;  Vlan 220 or ports gig 0/1, 0/3-7 and gig 0/9 or if need be the entire switch from ; 1830 - 0100 hours 31 Dec 09.  I am using Putty and SSH.

Thanks

Pat

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Shut down Port / Vlan / 3560

The examples as written will shutdown the layer 3 VLAN 220 interface on the local switch only.  If those switches are not routing that VLAN, and you want to shutdown the layer 2 VLAN, then replace the interface command with:

"vlan 220"

This, of course, assumes these switches are in VTP transparent mode.  However, if there are other commands you want to run, you can modify the applets accordingly.  Essentially, you can run any CLI commands within an applet that you would normally run manually.

10 REPLIES
Cisco Employee

Re: Shut down Port / Vlan / 3560

What version of code is running on the switch in question?  It sounds like a local EEM solution would be best here.

Re: Shut down Port / Vlan / 3560

Ver 12.2(50)SE3, I am not familar with EEM.

Cisco Employee

Re: Shut down Port / Vlan / 3560

You could accomplish what you want using two EEM applet policies.  For example, if you configure the following in your switch's config, then interface Vlan 220 will go down at 1830 on 12/31, and come back up at 0100 on 1/1:

event manager applet shutdown-vlan

event timer cron cron-entry "30 18 31 12 *"

action 1.0 cli command "enable"

action 2.0 cli command "config t"

action 3.0 cli command "int vlan220"

action 4.0 cli command "shut"

action 5.0 cli command "end"

event manager applet noshut-vlan

event timer cron cron-entry "0 1 1 1 *"

action 1.0 cli command "enable"

action 2.0 cli command "config t"

action 3.0 cli command "int vlan220"

action 4.0 cli command "no shut"

action 5.0 cli command "end"

You could adapt these examples to shutdown additional ports as required.

Re: Shut down Port / Vlan / 3560

J,

It appears that these commands can only be run on the Router, in my case 6509, Cisco IOS Software, s72033_rp Software (s72033_rp-ADVIPSERVICESK9_WAN-M), Version 12.2(33)SXH3, RELEASE SOFTWARE (fc1).

I only want to shut down vlan 220 on two remote switches only for the specific time.  Will your provided code shut down the Vlan in the entire network or only the two specific switches, 000.000.000.001 and 000.000.000.002, I need the vlan to stay up on all the other switches.

Thanks

Pat

event manager applet shutdown-vlan
event timer cron cron-entry "30 18 31 12 *"
action 1.0 cli command "enable"
action 2.0 cli command "config t"
action 3.0 cli command "int vlan220"
action 4.0 cli command "shut"
action 5.0 cli command "end"

event manager applet noshut-vlan
event timer cron cron-entry "0 1 1 1 *"
action 1.0 cli command "enable"
action 2.0 cli command "config t"
action 3.0 cli command "int vlan220"
action 4.0 cli command "no shut"
action 5.0 cli command "end"

Cisco Employee

Re: Shut down Port / Vlan / 3560

The examples as written will shutdown the layer 3 VLAN 220 interface on the local switch only.  If those switches are not routing that VLAN, and you want to shutdown the layer 2 VLAN, then replace the interface command with:

"vlan 220"

This, of course, assumes these switches are in VTP transparent mode.  However, if there are other commands you want to run, you can modify the applets accordingly.  Essentially, you can run any CLI commands within an applet that you would normally run manually.

Re: Shut down Port / Vlan / 3560

J,

Once again THANK YOU.......

Pat

Re: Shut down Port / Vlan / 3560

J,

Is there a particular book you could recommend that a novice could get to assist in the understanding and use of EEM?

Thanks

Pat

Cisco Employee

Re: Shut down Port / Vlan / 3560

Blue

Re: Shut down Port / Vlan / 3560

IDEEM from http://www.nidussoft.com/ is a commercial IDE for EEM: "...syntax checking, event and action wizards, policy management, compatibility verification, event simulation and Tcl policy debugging." It would seem to be a nice aid to EEM novices.

Cisco Employee

Re: Shut down Port / Vlan / 3560

I've used IDEEM, and if you want to get into Tcl scripting, it's greate for coming up to speed quickly.  However, if you just want to stick with applets, it may be overkill.  I'd say try it out to see if you like it, but they pulled their demo version a while back.

1900
Views
0
Helpful
10
Replies
CreatePlease login to create content