Guest

Cisco Catalyst Express 500 Series Switches

Catalyst 500 Series Switches Troubleshooting

Document ID: 71441

Updated: Jun 13, 2008

   Print

Introduction

This document provides information on how to troubleshoot common issues on the Cisco Catalyst 500 Series Switches. The goal of this document is to help you identify and fix some common issues as well as perform troubleshooting before you contact Cisco Technical Support. If you follow an orderly troubleshooting process and collect specific diagnostics, information that is necessary for resolution of the problem is not lost. If you refine the scope of the problem, you save valuable time as you work to locate a solution.

Prerequisites

Requirements

There are no specific requirements for this document.

Components Used

The information in this document is based on the Cisco Catalyst Express 500 Series Switches.

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Conventions

Refer to Cisco Technical Tips Conventions for more information on document conventions.

Background Information

The Catalyst Express switches provide networking for businesses with up to 250 employees. These switches provide network services to support data, voice, and mobile network demands. The services ensure transmission quality and reliability for data and voice traffic. They also provide security to protect against network attacks. You can simply install the switch and allow it to operate without any further management intervention. You can also take advantage of the embedded software features—tools to quickly and easily set up, customize, monitor, and troubleshoot the switch—in order to optimize your use of the switch.

In order to configure Cisco Catalyst Express 500 Series Switches for Smartport roles, VLANs, EtherChannels and to perform interVLAN routing with the Cisco Catalyst Express 500 Series Switch, refer to Catalyst Express 500 Series Switches Configuration Example.

Catalyst Express 500 Troubleshooting

This section brings the common issues faced with Cisco Catalyst Express 500 Switches and also the recommended action(s) in order to resolve the issues.

Switch GUI not Accessible or Device Manager is very slow to Respond or High CPU Utilization

The most frequently occurring issue with the switches is that the device manager (switch GUI) is either very slow to respond or is completely unaccessible. The performance of the GUI tends to slow down as CPU cycles of the switch are utilized by the IP ARP inspection process.

Complete these steps in order to disable the IP ARP inspection process and resolve this performance issue:

  1. Download CE500_New.zip and extract the CE500_New.html file to a PC/laptop directly connected to the Cisco Catalyst Express 500 Switch.

  2. Run the CE500_New.html file.

    cexp500-ts_3.gif

  3. Enter the IP address of the Cisco Catalyst Express 500 Switch and click Submit.

  4. You are prompted for the username and password of the switch (if configured).

  5. The script disables IP ARP inspection in the switch.

Unable to Configure the Switch with Windows Vista Host

When you connect a Host that runs the Microsoft Windows Vista OS, you get an IP but no default gateway and thus are unable to communicate with the CE500 switch.

This issue occurs because of a difference in design between Windows Vista and Windows XP Service Pack 2 (SP2). Specifically, in Windows XP SP2, the BROADCAST flag in DHCP discovery packets is set to 0 (disabled). In Windows Vista, the BROADCAST flag in DHCP discovery packets is not disabled. Therefore, some non-Microsoft DHCP servers cannot process the DHCP discovery packets.

As a workaround, you can upgrade to Cisco IOS® Software Release 12.2(25)SEG2 or later, which can be downloaded from Cisco Downloads (registered customers only) .

Refer to the Windows Vista cannot obtain an IP address from certain routers or from certain non-Microsoft DHCP servers Microsoft KB article for more information.

ARP Requests Generated with Multicast Source Address 0100.0ccd.cdcd

This problem is generally found with Catalyst Express 500 Switches when they are used in networks that implement Hot Standby Router Protocol (HSRP). When the HSRP switchover occurs, the switch confuses the PC clients with 0100.0ccd.cdcd as the MAC address of the gateway and PC clients are not able to reach the gateway. The issue is documented in Cisco bug ID CSCsd16871 (registered customers only) . Upgrade the switch to the latest Cisco IOS® Software release unaffected by the bug in order to resolve this issue.

Refer to Catalyst Express 500 Series Switches Software Image Upgrade Configuration Example for more information on how to upgrade the Cisco IOS Software release that runs on Cisco Catalyst Express 500 Series Switches.

Notifications Do Not Turn On the ALERT LED

In Cisco Catalyst Express 500 Series Switches that run Cisco IOS Software Release 12.2(25)FY, the ALERT LED glows whenever a problem condition of any severity occurs in the switch. But from Cisco IOS Software Release 12.2(25)SEG and later, Severity 5 (Notification) conditions on the switch no longer turn on the ALERT LED on the switch front panel. Severity 5 conditions continue to be listed in the Alert Log and Diagnostics reports.

The different severity levels available with Cisco Catalyst Express 500 Switches are:

  • Emergency (0)—The switch is unusable.

  • Alert (1)—The switch requires immediate action.

  • Critical (2)—The switch has a critical condition.

  • Error (3)—The switch has an error condition

  • Warning (4)—The switch has a warning condition.

  • Notifications (5)—The switch operates normally but has a significant condition.

Refer to the Check the Alert Log section of Monitoring - User Guide for the Catalyst Express 500 Switches, 12.2(25)FY for more information on the Alert log.

Cisco CallManagers Cannot be Configured in the Cisco-Voice VLAN

Cisco CallManagers and other voice related servers are not able to be configured as part of Cisco-Voice VLAN. The configuration is rejected by the GUI and this error message displays:

Error:
Only ports applied with the IP Phone+Desktop port 
role can be members of the Cisco-Voice VLAN

This issue is documented in Cisco bug ID CSCsc83027 (registered customers only) . Upgrade the switch to the latest Cisco IOS Software release unaffected by the bug in order to resolve this issue.

Refer to Catalyst Express 500 Series Switches Software Image Upgrade Configuration Example for more information on how to upgrade the Cisco IOS Software release that runs on Cisco Catalyst Express 500 Series Switches.

For Cisco IOS Software releases still affected by this issue, Cisco recommends this design workaround for implementing VoIP in the network.

  1. Create a new VLAN. For example, vlan-x.

  2. Assign the Cisco CallManagers and other voice related servers to the vlan-x VLAN. The ports can be of Smartport role Server and server type Trusted. This ensures the switch uses the same QoS settings as those configured for voice traffic.

  3. Assign the IP phones with the IP Phone+Desktop Smartport role to the Cisco-Voice VLAN.

  4. Connect a router to the switch in order to perform interVLAN routing between vlan-x and Cisco-Voice VLANs.

For information on how to create VLANs, configure Smartport roles and implement interVLAN routing with Cisco Catalyst Express 500 Series Switches, refer to Catalyst Express 500 Series Switches Configuration Example.

Roaming Issues with Access Points Connected to Catalyst Express 500 Switches

When wireless clients roam from one access point to another access point and both are connected to a Catalyst Express 500 Switch, they loose connectivity. The Cisco Catalyst Express 500 Switch Alert log displays this error message:

cexp500-ts_1.gif

Each Smartport role has maximum number of MAC addresses, which can be associated with the port. For the access point Smartport role, the number is limited to 30. Change the Smartport role to Switch in order to resolve the roaming of wireless clients between the access points.

cexp500-ts_2.gif

For information on how to create VLANs, configure Smartport roles and implement interVLAN routing with Cisco Catalyst Express 500 Series Switches, refer to Catalyst Express 500 Series Switches Configuration Example.

Duplex Issues after you Reload the Catalyst Express 500 Switch

The Gigabit Ethernet ports of Cisco Catalyst Express 500 Switches can lose the configured duplex settings and fall back to half-duplex after a reload. This can leave the remote device in a disconnected state. Configuring the port directly back to Speed 100 and Duplex Full does not bring up the connection. First configure the port for Auto Speed and Auto Duplex and then reconfigure it to your desired setting. This issue is documented in Cisco bug ID CSCsd47062 (registered customers only) . Upgrade the switch to the latest Cisco IOS Software release unaffected by the bug in order to resolve this issue.

Refer to Catalyst Express 500 Series Switches Software Image Upgrade Configuration Example for more information on how to upgrade the Cisco IOS Software release that runs on Cisco Catalyst Express 500 Series Switches.

Reset the Catalyst Express 500 Series Switches to Default Factory Settings

In certain situations, it is desirable to restore the Catalyst switch configuration to the original default factory settings. This is useful when you want to remove an undesirable configuration that is in the switch. If you have configured a switch and the configuration has become very complex, or if you want to move a switch from one network to another, or if you forget the password for the switch, you can reset the switch to factory defaults and configure it as a new switch. For the step-by-step procedure to reset the Cisco Catalyst Express 500 Series Switches to factory default settings, refer to Reset the Catalyst Express 500 Series Switches to Default Factory Settings.

Device Manager Port Utilization Graph 0% for Ports

The Cisco Catalyst Express 500 Switch Device Manager monitoring tools do not register any traffic load under 10%. In this case, your switch is probably not hitting the minimum threshold.

For monitoring traffic levels under 10% you need to use the mechanisms provided in Cisco Network Assistant (CNA) software. The CNA software is free for download from Downloads - Switches & Hubs Software (registered customers only) .

Duplex Mismatch Issues with SFP Fiber Modules

This is not a bug but an expected behavior with Catalyst Express 500 Series Switches with SFP fiber modules. GLC-GE-100xx SFP modules come up as half duplex by default. This causes this duplex mismatch.

You can manually change the settings to full duplex in order to overcome this issue. Cisco Network Assistant (CNA) can only be used to set these SFP modules to full duplex. The embedded device manager on the Catalyst Express 500 has a bug and cannot be used to set it to full duplex. The CNA software is free for download from the Software Download (registered customers only) page.

Access Denied to One or More Connecting Devices on this Port

In Cisco Catalyst Express 500 Switches, each type of smartport roles has a restriction on the number of hosts that can be connected to a port. If, for any reason, this threshold level is crossed, the switch starts to display a message similar to this:

2-Critical Port Fa7: Access denied to one or more 
connecting devices on this port. Maximum
allowed devices on this port are already connected, 
or an unauthorized device attempted to
connect on this secure port. Disconnect the device.

The table lists the maximum number of MAC addresses that can be seen on a port with a particular smartport role.

cexp500-ts_2.gif

If any unauthorized device is connected to the port, disconnect them. Or, if the port needs to have more devices than the specified limit, change the smartport role appropriately.

New smartport roles should be taken based on the requirements of your network. This table shows the general recommendation for changing the smartport role to overcome the maximum MAC address issue:

Current Smartport Role Suggested Smartport Role
desktop, ipphone, server, guest other
access-point switch

Event Notifications

Event notifications are not an integral part of Cisco Catalyst 500 Series Switches. But with the help of the Cisco Network Assistant, the users can get alerts when a new version of Cisco Network Assistant is available for download, when a potential issue arises with a device in your network, or if a configuration change is required. A dialog box provides all necessary information regarding the event such as time, description, and, if applicable, suggestions to resolve the issue.

The Cisco Network Assistant software is free for download from Downloads - Switches and Hubs Software (registered customers only) .

Slow Throughput on Switchports

The throughtput of a switchport can get slower if it is configured to a specific smartport role such as Switch, Router, Server, and so forth. As specific smartport roles have predefined QoS and/or trunk configurations, it can reduce the throughput of the switchport. This can be solved by configuring the port with the smartport role of Other.

Another common cause for this issue is the IP ARP Inspection process. This issue can also be solved when you run the IP ARP Inspection patch if the Cisco IOS software that runs on the switch is older than 12.2(25) SEG2. See the Switch GUI not Accessible or Device Manager is very slow to Respond or High CPU Utilization section of this document for running the IP ARP Inspection patch.

Undersized Frames on the Ports

When you use dot1q on a trunk interface, valid dot1q encapsulated packets that are 61-64 bytes including the q-tag are counted as undersized frames by the CE500, even though these packets are forwarded correctly and are not dropped. This is cosmetic in nature, and there is no workaround for this issue, unless you remove dot1q, since the hardware ASIC cannot be changed by software.

cexp500-ts_7.gif

Unable to Configure RADIUS for Switch Cased Authentication

Cisco Catalyst Express 500 does not support RADIUS for switch based authentication. But RADIUS can be used for IEEE 801.1x port based authentication. Use Cisco Network Assistant (CNA) in order to configure RADIUS credentials and IEEE 802.1x port based authentication on a Cisco Catalyst Express 500 because Device Manager does not support these configurations.

Catalyst Express 500 Troubleshooting and Debugging Aid

The Cisco Catalyst Express 500 Troubleshooting and Debugging Aid is a Cisco TAC developed GUI-based tool which can provide you with the current state information of a switch for these features:

  • Running configuration

  • Switch state

  • VLANs

  • Security

  • MAC address table

  • Spanning Tree

  • Port information

  • Neighboring devices

  • Log

  • Inventory

  • IP protocol stack

You can also use this troubleshooting aid in order to enable or disable these features:

caution Caution: Enable / disable these features only on the advice of a Cisco TAC Engineer.

  • DHCP Snooping [Non-Permanent]

  • Quality of Service

  • Rapid Spanning Tree Protocol

  • IP ARP Inspection (slow connectivity)

Complete these steps in order to start to use the Catalyst Express 500 Troubleshooting and Debugging Aid:

  1. Download the CE500_Aid.zip file to a PC / laptop directly connected to the Cisco Catalyst 500 Switch.

  2. Extract the contents of the CE500_Aid.zip file. The zip files should have these files:

    1. Cisco_Aid.hta

    2. Cisco_Logo.gif

  3. Double-click on the Cisco_Aid.hta file in order to start to use the troubleshooting aid.

Related Information

Updated: Jun 13, 2008
Document ID: 71441