Summary of the content on the page No. 1
Catalyst 3750-X and 3560-X Switch
Software Configuration Guide
Cisco IOS Release 12.2(53)SE2
May 2010
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
Text Part Number: OL-21521-01
Summary of the content on the page No. 2
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE
Summary of the content on the page No. 3
CONTENTS Preface xlix Audience xlix Purpose xlix Conventions xlix Related Publications l Obtaining Documentation and Submitting a Service Request li CHAPTER 1 Overview 1-1 Features 1-1 Deployment Features 1-2 Performance Features 1-4 Management Options 1-5 Manageability Features 1-6 Availability and Redundancy Features 1-8 VLAN Features 1-9 Security Features 1-9 QoS and CoS Features 1-12 Layer 3 Features 1-14 Power over Ethern
Summary of the content on the page No. 4
Contents Understanding no and default Forms of Commands 2-4 Understanding CLI Error Messages 2-4 Using Configuration Logging 2-4 Using Command History 2-5 Changing the Command History Buffer Size 2-5 Recalling Commands 2-6 Disabling the Command History Feature 2-6 Using Editing Features 2-6 Enabling and Disabling Editing Features 2-6 Editing Commands through Keystrokes 2-7 Editing Command Lines that Wrap 2-8 Searching and Filtering Output of show and
Summary of the content on the page No. 5
Contents Modifying the Startup Configuration 3-16 Default Boot Configuration 3-17 Automatically Downloading a Configuration File 3-17 Specifying the Filename to Read and Write the System Configuration 3-17 Booting Manually 3-18 Booting a Specific Software Image 3-19 Controlling Environment Variables 3-20 Scheduling a Reload of the Software Image 3-22 Configuring a Scheduled Reload 3-22 Displaying Scheduled Reload Information 3-23 CHAPTER 4 Configuring Ci
Summary of the content on the page No. 6
Contents Stack Member Priority Values 5-8 Switch Stack Offline Configuration 5-8 Effects of Adding a Provisioned Switch to a Switch Stack 5-9 Effects of Replacing a Provisioned Switch in a Switch Stack 5-10 Effects of Removing a Provisioned Switch from a Switch Stack 5-10 Hardware Compatibility and SDM Mismatch Mode in Switch Stacks 5-10 Switch Stack Software Compatibility Recommendations 5-11 Stack Protocol Version Compatibility 5-11 Major Version Number Incomp
Summary of the content on the page No. 7
Contents Hardware Loopback Example: LINK OK event 5-30 Hardware Loop Example: LINK NOT OK Event 5-31 Finding a Disconnected Stack Cable 5-32 Fixing a Bad Connection Between Stack Ports 5-33 CHAPTER 6 Clustering Switches 6-1 Understanding Switch Clusters 6-2 Cluster Command Switch Characteristics 6-3 Standby Cluster Command Switch Characteristics 6-3 Candidate Switch and Cluster Member Switch Characteristics 6-4 Planning a Switch Cluster 6-4 Automatic Dis
Summary of the content on the page No. 8
Contents Configuring NTP 7-4 Default NTP Configuration 7-4 Configuring NTP Authentication 7-4 Configuring NTP Associations 7-5 Configuring NTP Broadcast Service 7-6 Configuring NTP Access Restrictions 7-8 Configuring the Source IP Address for NTP Packets 7-10 Displaying the NTP Configuration 7-11 Configuring Time and Date Manually 7-11 Setting the System Clock 7-11 Displaying the Time and Date Configuration 7-12 Configuring the Time Zone 7-12 Co
Summary of the content on the page No. 9
Contents CHAPTER 8 Configuring SDM Templates 8-1 Understanding the SDM Templates 8-1 Dual IPv4 and IPv6 SDM Templates 8-2 SDM Templates and Switch Stacks 8-3 Configuring the Switch SDM Template 8-4 Default SDM Template 8-4 SDM Template Configuration Guidelines 8-4 Setting the SDM Template 8-5 Displaying the SDM Templates 8-6 CHAPTER 9 Configuring Catalyst 3750-X StackPower 9-1 Understanding StackPower 9-1 StackPower Modes 9-2 Power Priority 9
Summary of the content on the page No. 10
Contents Default TACACS+ Configuration 10-13 Identifying the TACACS+ Server Host and Setting the Authentication Key 10-13 Configuring TACACS+ Login Authentication 10-14 Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services 10-16 Starting TACACS+ Accounting 10-17 Displaying the TACACS+ Configuration 10-17 Controlling Switch Access with RADIUS 10-17 Understanding RADIUS 10-18 RADIUS Operation 10-19 RADIUS Change of Authorization
Summary of the content on the page No. 11
Contents Configuring SSH 10-46 Configuration Guidelines 10-46 Setting Up the Switch to Run SSH 10-46 Configuring the SSH Server 10-47 Displaying the SSH Configuration and Status 10-48 Configuring the Switch for Secure Socket Layer HTTP 10-49 Understanding Secure HTTP Servers and Clients 10-49 Certificate Authority Trustpoints 10-49 CipherSuites 10-51 Configuring Secure HTTP Servers and Clients 10-51 Default SSL Configuration 10-51 SSL Configuration G
Summary of the content on the page No. 12
Contents 802.1x Authentication with Downloadable ACLs and Redirect URLs 11-17 Cisco Secure ACS and Attribute-Value Pairs for the Redirect URL 11-17 Cisco Secure ACS and Attribute-Value Pairs for Downloadable ACLs 11-18 VLAN ID-based MAC Authentication 11-18 802.1x Authentication with Guest VLAN 11-19 802.1x Authentication with Restricted VLAN 11-20 802.1x Authentication with Inaccessible Authentication Bypass 11-20 Support on Multiple-Authentication Ports 11-21
Summary of the content on the page No. 13
Contents Configuring 802.1x Violation Modes 11-41 Configuring 802.1x Authentication 11-41 Configuring the Switch-to-RADIUS-Server Communication 11-43 Configuring the Host Mode 11-44 Configuring Periodic Re-Authentication 11-45 Manually Re-Authenticating a Client Connected to a Port 11-46 Changing the Quiet Period 11-47 Changing the Switch-to-Client Retransmission Time 11-47 Setting the Switch-to-Client Frame-Retransmission Number 11-48 Setting the Re-Authent
Summary of the content on the page No. 14
Contents Session Creation 12-3 Authentication Process 12-3 Local Web Authentication Banner 12-4 Web Authentication Customizable Web Pages 12-6 Guidelines 12-6 Web-based Authentication Interactions with Other Features 12-7 Port Security 12-7 LAN Port IP 12-8 Gateway IP 12-8 ACLs 12-8 Context-Based Access Control 12-8 802.1x Authentication 12-8 EtherChannel 12-8 Configuring Web-Based Authentication 12-9 Default Web-Based Authentication Conf
Summary of the content on the page No. 15
Contents EtherChannel Port Groups 13-6 10-Gigabit Ethernet Interfaces 13-7 Power over Ethernet Ports 13-7 Supported Protocols and Standards 13-7 Powered-Device Detection and Initial Power Allocation 13-8 Power Management Modes 13-9 Power Monitoring and Power Policing 13-10 Connecting Interfaces 13-12 Using the Switch USB Ports 13-13 USB Mini-Type B Console Port 13-13 Console Port Change Logs 13-13 Configuring the Console Media Type 13-14 Configur
Summary of the content on the page No. 16
Contents Monitoring and Maintaining the Interfaces 13-45 Monitoring Interface Status 13-45 Clearing and Resetting Interfaces and Counters 13-46 Shutting Down and Restarting the Interface 13-47 CHAPTER 14 Configuring Auto Smartports Macros 14-1 Understanding Auto Smartports and Static Smartports Macros 14-1 Auto Smartports and Cisco Medianet 14-2 Configuring Auto Smartports 14-3 Default Auto Smartports Configuration 14-3 Auto Smartports Configuration Guidelin
Summary of the content on the page No. 17
Contents Configuring Extended-Range VLANs 15-10 Default VLAN Configuration 15-10 Extended-Range VLAN Configuration Guidelines 15-10 Creating an Extended-Range VLAN 15-11 Creating an Extended-Range VLAN with an Internal VLAN ID 15-13 Displaying VLANs 15-14 Configuring VLAN Trunks 15-14 Trunking Overview 15-14 Encapsulation Types 15-16 IEEE 802.1Q Configuration Considerations 15-17 Default Layer 2 Ethernet Interface VLAN Configuration 15-17 Configuring
Summary of the content on the page No. 18
Contents VTP Advertisements 16-4 VTP Version 2 16-4 VTP Version 3 16-5 VTP Pruning 16-6 VTP and Switch Stacks 16-7 Configuring VTP 16-8 Default VTP Configuration 16-8 VTP Configuration Guidelines 16-9 Domain Names 16-9 Passwords 16-9 VTP Version 16-10 Configuration Requirements 16-11 Configuring VTP Mode 16-11 Configuring a VTP Version 3 Password 16-13 Configuring a VTP Version 3 Primary Server 16-14 Enabling the VTP Version 16-14
Summary of the content on the page No. 19
Contents Private-VLAN Interaction with Other Features 18-4 Private VLANs and Unicast, Broadcast, and Multicast Traffic 18-4 Private VLANs and SVIs 18-5 Private VLANs and Switch Stacks 18-5 Configuring Private VLANs 18-5 Tasks for Configuring Private VLANs 18-6 Default Private-VLAN Configuration 18-6 Private-VLAN Configuration Guidelines 18-6 Secondary and Primary VLAN Configuration 18-6 Private-VLAN Port Configuration 18-8 Limitations with Other Features
Summary of the content on the page No. 20
Contents Spanning-Tree Topology and BPDUs 20-3 Bridge ID, Switch Priority, and Extended System ID 20-4 Spanning-Tree Interface States 20-5 Blocking State 20-6 Listening State 20-7 Learning State 20-7 Forwarding State 20-7 Disabled State 20-7 How a Switch or Port Becomes the Root Switch or Root Port 20-8 Spanning Tree and Redundant Connectivity 20-8 Spanning-Tree Address Management 20-8 Accelerated Aging to Retain Connectivity 20-9 Spanning-Tree M