Catalyst 2950 Desktop Switch Software Configuration Guide, 12.0(5.2)WC(1)
Using the Management Interfaces
Downloads: This chapterpdf (PDF - 443.0KB) The complete bookPDF (PDF - 3.54MB) | Feedback

Using the Management Interfaces

Table Of Contents

Using the Management Interfaces

Preparing to Use Cluster Management Suite

Accessing CMS for the First Time

Using the Cluster Management Suite

Using CMS Windows

The Common Interface of Cluster Builder and Cluster View

Toolbar Icons for Cluster Builder and Cluster View

Cluster View and Cluster Builder Device and Link Icons

Menu Options for Cluster Builder and Cluster View

Using Cluster Builder

Using Cluster View

Using Cluster Manager

Menu Bar Options in Cluster Manager

Using the Port Pop-Up Menu to Configure Ports

Using the Device Pop-Up Menu to Configure a Switch

Using the Cluster Tree

Toolbar Icons for Cluster Manager

Using VSM

VSM Menu Bar Options

VSM Port Pop-Up Menu and Device Pop-Up Menu Options

Using Online Help

Using the IOS Command-Line Interface

Understanding the CLI

Setting Passwords and Privilege Levels

Using the CLI to Manage Cluster Members

Getting Help

Abbreviating Commands

Using no Commands

Understanding Command-Line Error Messages

Configuring the Switch for Telnet

Starting a Telnet Session from the Browser

Working with Files in Flash Memory

Using SNMP Management

Using FTP to Access the MIB Files

Using SNMP to Access MIB Variables

Managing Cluster Switches Through SNMP

Configuring the Switch for Remote Monitoring


Using the Management Interfaces


This chapter describes the features and characteristics of the management interfaces available on the Catalyst 2950 switches. There is a command-line interface for entering IOS commands, a graphical user interface (GUI) for use with a browser such as Microsoft Internet Explorer or Netscape Navigator, and a Simple Network Management Protocol (SNMP) interface for SNMP management applications such as CiscoWorks2000 and CiscoView 5.0.

This chapter describes the following topics:

Preparing to use the Cluster Management Suite (CMS), the HTML-based interface for configuring clusters and individual switches

Understanding the menu options, icons, and other graphical devices that make up the CMS interface

Understanding how to change command modes and enter commands by using the IOS command-line interface (CLI)

Understanding how to use an SNMP management application to manage a cluster or switch


Note If you are looking for information on a specific feature, Table 4-2 lists the defaults for all key features and provides cross-references to feature descriptions and CLI procedures.


Preparing to Use Cluster Management Suite

All of the CMS features are based on an embedded HTTP web server in the switch Flash memory.

CMS uses Hypertext Transfer Protocol (HTTP), which is an in-band form of communication with the switch through any one of its Ethernet ports and that allows switch management from a standard web browser. CMS requires that your switch uses HTTP port 80, which is the default HTTP port.


Note If you change the HTTP port, you cannot use CMS.


For information about connecting to a switch port, refer to the switch hardware installation guide.

Do no disable or otherwise misconfigure the port through which your management station is communicating with the switch. You might want to write down the port number to which you are connected. Changes to the switch IP information should be done with care.

Refer to the following topics in the Release Notes for the Catalyst 2950 Cisco IOS Release 12.0(5)WC(1) for information about accessing CMS:

System requirements

Running the setup program

Installing the required plug-in

Configuring your web browser

Accessing CMS

You access CMS through the default privilege level 15. For more information, see the "Setting Passwords and Privilege Levels" section.

Accessing CMS for the First Time

Use the IP address of a cluster command switch or standalone switch to access the appropriate web-based application. For instructions on assigning the IP address, see the "CLI: Assigning IP Information to the Switch" section. For information on clustering, see "Creating and Managing Clusters."

If your network is configured with an HSRP standby group for redundancy, enter the virtual IP address to access CMS. See the "Building a Redundant Cluster" section for more information.

For detailed instructions to access Cluster Management, refer to the "Accessing CMS" section in the Release Notes for the Catalyst 2950 Cisco IOS Release 12.0(5)WC(1).

Using the Cluster Management Suite

The CMS consists of three related applications that you can use to create clusters of switches, configure and monitor switches and ports, and display link and performance information. Each cluster requires a designated command switch with an IP address to manage communication with the other switches in the cluster.

This section describes how you can use the following CMS applications to manage your network:

Cluster Builder and Cluster View

Cluster Manager

Visual Switch Manager (VSM)

These CMS applications support the monitoring and configuration of all cluster and switch features. VSM supports configuration and monitoring of all device-management features for standalone switches.

All CMS applications are supported by an online help system.

Using CMS Windows

CMS windows use consistent techniques to present and save configuration information. In some cases, CMS windows have multiple tabs that present different kinds of information. Tabs are arranged like folder headings across the top of the window. Click the tab to display a new screen of information, and use the Apply button to save information on all tabs without closing the window.

When you are managing a cluster of switches, a drop-down Device List at the top of the window displays the names of all cluster switches. The contents of this list can vary depending on the menu item selected. Click a switch to display the information for that switch. VSM windows, which always operate on a single switch, do not display a Device List.

Listed information can often be changed by selecting an item from a list. To change the information, select one or more items, and click Modify. Changing multiple items is limited to those items that apply to at least one of the selections. For example, when you select multiple ports, a parameter such as flow control is grayed out if the ports are not Gigabit Ethernet ports.


Tips If you try to select a port or device in Cluster Manager while there is another window still open, the computer issues a ringing bell sound. Rearrange the windows that are displayed to find the open window, and close it to proceed.


Figure 2-1 shows the components of a typical CMS window.

The following are the most common buttons that you use to control a CMS window:

Button
Description

OK

Save any changes made in the window and close the window.

Apply

Save any changes made in the window and leave the window open.

Cancel

Do not save any changes made in the window and close the window.

Modify

Display the pop-up for changing information on the selected item or items. You usually select an item from a list or table and click Modify. When you close the pop-up, you return to the original window.

Help

Display the online help for the current window and the online help table of contents.


Figure 2-1 Components of a CMS Window

The Common Interface of Cluster Builder and Cluster View

Cluster Builder and Cluster View are related applications that share the same interface. Use Cluster Builder to create and modify clusters of switches and to display a network map of their links and devices. You can create clusters with redundant command switches and display cluster members and the links between them. Cluster View displays a map of the switches in a cluster and the neighboring edge devices and clusters. Once you have displayed Cluster Builder or Cluster View, you can toggle back and forth between the two.

The user interface for Cluster Builder and Cluster View consists of the network map—the switches, links, and other devices in the cluster—and the menus and toolbar. The toolbar is a quick way to access features also available from the menu bar.

Toolbar Icons for Cluster Builder and Cluster View

One of the ways you can configure cluster switches is by clicking a toolbar icon. Figure 2-2 shows the Cluster Builder and Cluster View toolbar icons. Hold the cursor over an icon to display the feature invoked by that icon.

Figure 2-2 Features Available Through the Toolbar

You can invoke the following features from the Cluster Builder or Cluster View toolbar (from left to right):

Launch Cluster Manager.

Toggle between Cluster Builder and Cluster View.

Toggle between switch names and IP or MAC addresses and connected port numbers.

Save the presentation of the cluster icons as you have arranged them.

Save the current configuration for all cluster members to Flash memory.

Set the user settings for Cluster Builder and Cluster View.

Display the legend that describes the icons, labels, and links that are used in Cluster Builder and Cluster View.

List the online help topics for Cluster Builder and Cluster View.

Cluster View and Cluster Builder Device and Link Icons

The Cluster Builder and Cluster View legend shows the meaning of the colored labels and icons that represent the links and devices that make up the cluster. Select Help > Legend to display the legend. Figure 2-3 shows the device icons and as they display on the network map. Display the link and label icons by clicking the respective tabs.

Figure 2-3 Icons Used in Cluster Builder and Cluster View

Menu Options for Cluster Builder and Cluster View

Table 2-1 lists the menu options and the tasks you can perform with Cluster Builder and Cluster View.

Table 2-1 Menu Options for Cluster Builder and Cluster View 

Menu Bar Choices
Task
Cluster
 

Add to cluster

Add candidates to cluster.

 

Remove from cluster

Remove members from cluster.

 

User Settings

Change the default settings for the number of hops to discover and the polling interval for Cluster Builder and the link graphs.

 

Cluster Manager

Start Cluster Manager.

Views
 

Toggle Views

Toggle between Cluster Builder and Cluster View.

 

Toggle Labels

Toggle between switch names and IP or MAC addresses and connected port numbers.

Device
 

Launch Switch Manager

Start Switch Manager for a selected switch.

 

Bandwidth Graph

Display a graph showing the current bandwidth in use by a selected switch.

 

Show/Hide Candidates

Expand or collapse image of all candidates connected to a cluster member.

 

Host Name Configuration

Change the host name for a selected device.

Link
 

Link Graph

Display a graph showing the bandwidth being used for the selected link.

 

Link Report

Display the Link Report for two connected devices. If one device is an unknown device, candidate, or switch, only the cluster member side of the link displays.

Options
 

Save Layout

Save the current presentation of the network map.

 

Save Configuration

Save the current configuration of cluster members to Flash memory.

Help
 

Contents

List all of the available online help topics.

 

Legend

Display descriptions of the icons used on the network map.

 

About ClusterBuilder View

Display the version number for Cluster Builder and Cluster View.


Using Cluster Builder

Follow the procedure in the "Accessing CMS" section in the Release Notes for the Catalyst 2950 Cisco IOS Release 12.0(5)WC(1) to display Cluster Builder. When you are using Cluster Manager, click the double-switch icon on the toolbar (Figure 2-2) to toggle back to Cluster Builder.

Use Cluster Builder to create and manage a cluster of switches. Switches connected to the command switch or cluster-capable devices display themselves as cluster members or candidates. Figure 2-4 shows Cluster Builder displaying a map of cluster devices.

Table 2-2 shows the meanings of the label colors in Cluster Builder. Table 2-3 shows the meanings of the link colors in Cluster Builder. Table 2-4 shows the meanings of the icon colors in Cluster Builder.

Table 2-2 Device Label Color Meanings in Cluster Builder

Label Color
Color Meaning

Green

A cluster member, either as a member switch or as the command switch.

Blue

A cluster candidate that is fully qualified to become a cluster member. Add these candidates with Cluster Builder.

White

A standby command switch.

Yellow

An unknown edge device that cannot become a member.


Table 2-3 Link Color Meanings in Cluster Builder

Link Color
Color Meaning

Dark blue

Active link

Red

Blocked link


Table 2-4 Icon Color Meanings in Cluster Builder

Label Color
Color Meaning

Green

Device is up.

Red

Device is down.

Yellow

Fault indication.


Figure 2-4 Cluster Builder

Table 2-5 describes the available menu options when you right-click a candidate switch.

Table 2-5 Cluster Builder Candidate Pop-Up Menu

Menu Item
Action

Device Web Page

Displays the device-management page for the device.

Add to Cluster

Adds the selected candidate or candidates to the cluster.


Table 2-6 describes the available menu options when you right-click a member switch. For more information on configuring cluster members, see "Managing Switches."

Table 2-6 Cluster Builder Member Pop-Up Menu

Menu Item
Action

Switch Manager

Display the VSM Home page for the selected device.

Bandwidth Graph

Display a graph that plots the total bandwidth used by the switch.

Host Name Config

Change the name of the switch. For more information, see the "Changing the Host Name" section.

Remove from Cluster

Remove the selected switch from the cluster.

Hide Candidates

Toggle between displaying candidate switches and not displaying them.

Clear State

Return switches that were down but are now up to the green (up) state. Switches that are yellow are down or were previously down. Applicable only to yellow member switches.


Table 2-7 describes the available menu options when you right-click a link. For more information on displaying link information, see "Creating Performance Graphs and Link Reports."

Table 2-7 Cluster Builder Link Pop-Up Items

Menu Item
Action

Link Graph

Display the performance graph for the link. One end of the link must be connected to a port on a cluster member that is a Catalyst 2950, 2900 XL, or 3500 XL switch.

Link Report

Displays information about the two ports in a link between members. If one end of the link is a candidate, the report only displays information about the member switch.


Using Cluster View

Cluster View displays a cluster as a double-switch icon with connections to edge devices and candidate switches. To access Cluster View, select Views > Toggle Views from the menu bar in Cluster Builder. Table 2-8 describes the available menu options when you right-click an icon in Cluster View.

Figure 2-5 Cluster View

Table 2-8 Cluster View Device Menu Options

Menu Item
Action

Device web page

Displays the web management page for the device.

Disqualification code

Describes why the switch is not a cluster member or candidate.


Using Cluster Manager

For the detailed procedure to display Cluster Manager, refer to the Release Notes for the Catalyst 2950 Cisco IOS Release 12.0(5)WC(1). When you are using Cluster Builder, click the double-switch icon on the toolbar (Figure 2-2) to toggle back to Cluster Manager.

Cluster Manager displays images of cluster switches that you can use to monitor and configure the devices. You can configure a cluster member on the port-, switch-, or cluster-level. With this release, many device-management features that were part of Visual Switch Manager (VSM) are available in Cluster Manager and VSM.

Figure 2-6 Cluster Manager

Menu Bar Options in Cluster Manager

Table 2-9 describes the options available from the Cluster Manager menu bar.

Table 2-9 Menu Bar Options Available in Cluster Manager 

Menu Item
Task
Cluster
 

Management VLAN

Change the management VLAN for a cluster.

 

System Time Management

Configure the system time or configure the Network Time Protocol.

 

Standby Command Configuration

Create an HSRP standby group to provide command-switch redundancy.

 

Device Position

Rearrange the order in which switches appear in Cluster Manager.

 

User Settings

Set the polling interval for Cluster Manager, Cluster Builder, and the performance graphs. Set the application to display by default.

 

Cluster Builder

Display Cluster Builder.

System
 

Inventory

Display the device type, software version, IP address, and other information about a switch or a cluster of switches.

 

IP Management

Configure IP information for a switch.

 

Software Upgrade

Upgrade the software for a cluster or a switch.

 

SNMP Management

Enter SNMP community strings and configure end stations as trap managers.

 

Console Baud Rate

Change the baud rate of a switch console port.

 

ARP Table

Display and maintain the Address Resolution Protocol (ARP) table.

 

Save Configuration

Save the configuration on one or all of the cluster switches.

 

System Reload

Reboot the software on a switch or a cluster.

Device
 

Spanning-Tree Protocol (STP)

Display and configure STP parameters for a switch.

 

Internet Group Management Protocol (IGMP) Snooping

Enable and disable IGMP snooping and IGMP Immediate-Leave processing on the switch. Join or leave multicast groups and configure multicast routers.

 

CoS and Weighted Round Robin (WRR)

Assign packets to an output queue based on their priorities. Enable WRR and assign relative weights to the output queues.

Port
 

Port Configuration

Display and configure port parameters on a switch.

 

Port Statistics

Display detailed port statistics on link performance, dropped packets, and total errors.

 

Port Search

Search for ports based on a description criteria.

 

Port Grouping (EC)

Group ports into logical units for high-speed links between switches.

 

Switch Port Analyzer (SPAN)

Enable SPAN port monitoring.

 

Flooding Control

Enable broadcast, unicast, and multicast flooding storm control.

VLAN
 

VLAN Membership

Display VLAN membership, assign ports to VLANs, and configure IEEE 802.1Q trunks.

 

VTP Management

Display and configure the VLAN Trunk Protocol (VTP) for interswitch VLAN membership.

Security
 

Address Management

Enter dynamic, secure, and static addresses into a switch address table, and define the forwarding behavior of static addresses.

 

Port Security

Enable port security on a port.

Help
 

Contents

List all of the available online help topics.

 

Legend

Display the legend that describes the icons, labels, and links.

 

About Cluster Manager

Display the version number for Cluster Manager.


Using the Port Pop-Up Menu to Configure Ports

For port-level configuration, right-click a port to display the port pop-up menu. To configure several ports as a time, press the Ctrl key, and right-click ports on the same or different switches. Table 2-10 describes the items available from this menu.

Table 2-10 Cluster Manager Port Pop-up Menu

Menu Item
Action When You Right-Click a Port

Port Configuration

Configure the status, speed, duplex settings and other port-level parameters. For more information, see the "Monitoring and Configuring Ports" section.

VLAN Membership

Define the VLAN mode for a port or ports, and add ports to VLANs.

Flooding Controls

Block the normal flooding of unicast and multicast packets, and enable the switch to block packet storms.

Port Security

Enable port security on a port.

Link Graph

Right-click a port that is green to display the performance graph for the link. You can plot the link utilization percentage and the total packets, bytes, and errors recorded on the link. For more information, see the "Displaying Link Graphs" section.

Note This feature is only available when selecting an individual port.


Using the Device Pop-Up Menu to Configure a Switch

For device-level configuration, right-click the switch chassis or a switch in the cluster tree to display the device pop-up menu. The options listed on the pop-up menu are the same as those available in the drop-down menu, with the exception of the Cluster menu. Table 2-11 describes the items available from this menu.

Table 2-11 Cluster Manager Device Pop-up Menu 

Menu Bar Choices
Task
System
 

Inventory

Displays the device type, software version, IP address, and other information about a switch or cluster of switches.

 

IP Management

Configure IP information for a switch.

 

Software Upgrade

Upgrade the software for a cluster or a switch.

 

SNMP Management

Enter SNMP community strings and configure end stations as trap managers.

 

Console Baud Rate

Change the baud rate for one or more switches.

 

ARP Table

Manage the Address Resolution Protocol (ARP) table.

 

Save Configuration

Save the configuration on one or all of the cluster switches.

 

System Reload

Reboot the software on a switch or a cluster.

Device
 

Spanning Tree Protocol (STP)

Display and configure STP parameters for a switch.

 

IGMP Snooping

Enable and disable IGMP snooping and IGMP Immediate-Leave processing on the switch. Join or leave multicast groups and configure multicast routers.

 

CoS and WRR

Assign packets to an output queue based on their priorities. Enable WRR and assign relative weights to the output queues.

Port
 

Port Configuration

Display and configure port parameters on a switch.

 

Port Statistics

Display detailed port statistics on link performance, dropped packages, and total errors.

 

Port Search

Search for ports based on a description criteria.

 

Port Grouping (EC)

Group ports into logical units for high-speed links between switches.

 

Switch Port Analyzer (SPAN)

Enable SPAN port monitoring.

 

Flooding Control

Enable broadcast, unicast, and multicast flooding storm control.

VLAN
 

VLAN Membership

Display VLAN membership, assign ports to VLANs, and configure IEEE 802.1Q trunks.

 

VTP Management

Display and configure the VLAN Trunk Protocol (VTP) for interswitch VLAN membership.

Security
 

Address Management

Enter dynamic, secure, and static addresses into a switch address table, and define the forwarding behavior of static addresses.

 

Port Security

Enable port security on a port.

Bandwidth Graph

Display a graph that plots the total bandwidth in use by the switch. For more information, see the "Displaying Link Graphs" section.


Using the Cluster Tree

The cluster tree displays the name of the cluster and the status of cluster members. Left-click a switch icon in the cluster tree to select it, and right-click to display the device pop-up menu.

Toolbar Icons for Cluster Manager

You can click the toolbar icon to invoke some Cluster Manager features. As shown in Figure 2-7, a description of the icon displays when you move the cursor over it.

Figure 2-7 Cluster Manager Toolbar Icons

Click a Cluster Manager toolbar to invoke the following features, from left to right:

Start Cluster Builder

Display the Software Upgrade window

Display the SNMP Management window

Display the VLAN Membership window

Display the Spanning Tree Protocol window

Display the Save Configuration window

Display the User Settings window

Display the legend that describes the icons, labels, and links

Display the Help table of contents. (See Using Online Help)

Using VSM

VSM is a web-based device-management application for configuring and monitoring a clustered or standalone switch. If your switch is part of a cluster, you can also perform many VSM tasks from within Cluster Manager.

For the detailed procedure to display VSM, refer to the Release Notes for the Catalyst 2950 Cisco IOS Release 12.0(5)WC(1). To display VSM from within Cluster Builder or Cluster View, click a switch, and select Device > Launch Switch Manager from the menu bar.

The VSM Home page displays a real-time image of the switch that you can use to monitor and reconfigure the switch and switch ports. The images of the LEDs displayed by VSM convey the same information as the LEDs on the front panel of the switch. You can configure a port or ports by right-clicking them and selecting a item from the Port Pop-Up menu.

When you use VSM to reconfigure a switch, the change becomes part of the running configuration of the switch. The image of the switch and VSM windows always display the switch running configuration. However, the running configuration is not necessarily the startup configuration that is used when the switch restarts. To ensure that your changes are saved after a restart in VSM, select System > Save Configuration from the menu bar. If you are using the CLI, you can save the configuration by entering the write memory command in privileged EXEC mode.

Figure 2-8 VSM Home Page

VSM Menu Bar Options

You can access the device-management features from the Home page menu bar. Table 2-12 describes the menu options and their function.

Table 2-12 Menu Bar Options Available in VSM 

Menu Bar Choices
Task
Cluster
 

Cluster Command Configuration

Enable a switch to act as the cluster command switch.

 

Cluster Management

Display Cluster Manager or Cluster Builder.

System
 

Inventory

Display the device type, software version, IP address, and other information about a switch.

 

IP Management

Configure IP information for a switch.

 

Software Upgrade

Upgrade the software for the cluster or a switch.

 

System Time Management

Configure the system time or the Network Time Protocol (NTP).

 

SNMP Management

Enter SNMP community strings and configure end stations as trap managers.

 

Console Baud Rate

Change the baud rate for a switch.

 

ARP Table

Display the device Address Resolution Protocol (ARP) table.

 

User Settings

Change the polling intervals for clustering and graphing, and enable the display of the splash page when VSM starts.

 

Save Configuration

Save the configuration.

 

System Reload

Reboot the software on a switch.

Device
 

Spanning-Tree Protocol (STP)

Display and configure STP parameters for a switch.

 

IGMP Snooping

Enable and disable IGMP snooping and IGMP Immediate-Leave processing on the switch. Join or leave multicast groups and configure multicast routers.

 

CoS and WRR

Assign packets to an output queue based on their priorities. Enable WRR and assign relative weights to the output queues.

Port
 

Port Configuration

Display and configure port parameters on a switch.

 

Port Statistics

Display detailed port statistics on link performance, dropped packages, and total errors.

 

Port Search

Search for ports based on a description criteria.

 

Port Grouping (EC)

Group ports into logical units for high-speed links between switches.

 

Switch Port Analyzer (SPAN)

Enable SPAN port monitoring.

 

Flooding Control

Note Enable broadcast, unicast, and multicast flooding storm control.

VLAN
 

VLAN Membership

Display VLAN membership, assign ports to VLANs, and configure 802.1Q trunks.

 

Management VLAN

Change the management VLAN on the switch.

 

VTP Management

Display and configure the VLAN Trunk Protocol (VTP) for interswitch VLAN membership.

Security
 

Address Management

Enter dynamic, secure, and static addresses into a switch address table. You can also define the forwarding behavior of static addresses.

 

Port Security

Enable port security on a port.

Help
 

Contents

List all of the available online help topics.

 

Legend

Display the legend that describes the icons, labels, and links.

 

About Visual Switch Manager

Display the version number for Visual Switch Manager.


VSM Port Pop-Up Menu and Device Pop-Up Menu Options

The options available through the port pop-up and device pop-up menus in VSM are the same as those described in Table 2-10 and Table 2-11.

Using Online Help

To get online help for CMS, do either of the following:

Select Help > Contents from the menu bar. The left pane of the Help window displays the Contents tab of the help system. The right pane displays information for the first topic on the tab.

Click Help in whatever CMS window you are using. The left pane of the Help window displays the Contents tab, positioned to the topic for the CMS window. The right pane displays information on how to use the CMS window.

You can navigate within the Help window to find whatever CMS information you need. By expanding the topics on the Contents tab and scrolling, you can see the breadth of topics in the help system. Double-click any one, and information for it appears in the right pane. A glossary is also available; it is the bottom topic on the tab. You can also find information by clicking the Index tab. Use its entry field and Find button to look for a specific entry, or scroll until you find what you need. Double-click an index entry, and information for it appears in the right pane.

In addition to these navigation features, the online help offers:

Backward and Forward buttons to let you review previous topics and return.

Numerous links within the help topics—links from concepts to task details and from highlighted terms to glossary entries.

Using the IOS Command-Line Interface

This section introduces the Cisco IOS command-line interface (CLI). The
Catalyst 2950 Desktop Switch Command Reference contains a complete description of commands that have been created or changed for the Catalyst 2950 switches.

This section describes how to perform the following tasks:

Understand the CLI and its command modes

Use the CLI to manage member switches

Set passwords

Configure the switch for Telnet

Work with files in Flash memory


Note Certain port features can conflict with one another. Review the "Managing Configuration Conflicts" section before you change the port settings.


Understanding the CLI

This section describes the Cisco IOS command-mode structure. Each command mode supports specific Cisco IOS commands. For example, the interface command is used only from global configuration mode.

The switch supports the following command modes:

User EXEC

Privileged EXEC

VLAN database

Global configuration

Interface configuration

Line configuration

Table 2-13 describes how to access each mode, the prompt you see in that mode, and how to exit the mode. The examples in the table use the host name switch.

Table 2-13 Command Modes Summary 

Modes  
Access Method
Prompt
Exit Method
About This Mode 1

User EXEC

Begin a session with your switch.

switch>

Enter logout or quit.

Use this mode to

Change terminal settings.

Perform basic tests.

Display system information.

Privileged EXEC

Enter the enable command while in user EXEC mode.

switch#

Enter disable to exit.

Use this mode to verify commands you have entered. Access to this mode should be protected with a password.

VLAN database

Enter the vlan database command while in privileged EXEC mode.

switch(vlan)#

To exit to privileged EXEC mode, enter exit.

Use this mode to configure VLAN-specific parameters.

Global configuration

Enter the configure command while in privileged EXEC mode.

switch(config)#

To exit to privileged EXEC mode, enter exit or end, or press Ctrl-Z.

Use this mode to configure parameters that apply to your switch as a whole.

Interface configuration

Enter the interface command (with a specific interface) while in global configuration mode.

switch(config-if)#

To exit to global configuration mode, enter exit.

To exit to privileged EXEC mode, enter Ctrl-Z or end.

Use this mode to configure parameters for the Ethernet interfaces.

Line configuration

Specify a line with the line vty or line console command while in global configuration mode.

switch(config-line)#

To exit to global configuration mode, enter exit.

To exit to privileged EXEC mode, enter Ctrl-Z or end.

Use this mode to configure parameters for the terminal line.

1 For any of the modes, you can see a comprehensive list of the available commands by entering a question mark (?) at the prompt.


Setting Passwords and Privilege Levels

Because many privileged EXEC commands are used to set operating parameters, you should password-protect these commands to prevent unauthorized use.

Catalyst 2950 switches have two commands for setting passwords:

enable secret password (a very secure, encrypted password)

enable password password (a less secure, unencrypted password)

You must enter one of these passwords to gain access to privileged EXEC mode. It is recommended that you use the enable secret password.

If you enter the enable secret command, the text is encrypted before it is written to the config.text file, and it is unreadable. If you enter the enable password command, the text is written as entered to the config.text file where you can
read it.


Note When set, the enable secret password takes precedence, and the enable password serves no purpose.


Both types of passwords can contain from 1 to 25 uppercase and lowercase alphanumeric characters, and both can start with a number. Spaces are also valid password characters; for example, two words is a valid password. Leading spaces are ignored; trailing spaces are recognized. The password is case sensitive.

To remove a password, use the no version of the commands: no enable secret or no enable password. If you lose or forget your enable password, see the "Recovering from a Lost or Forgotten Password" section.

When the Cluster Builder suggests a candidate to add to a cluster, you enter the password of the candidate switch, if one was defined, and the switch joins the cluster. Then the member switch inherits the command switch password. For more information on managing passwords for the Cluster Management Suite, see the "Changes to Passwords" section.

You can also specify up to 15 privilege levels and define passwords for them by using the enable password [level level] {password} or enable secret [level level] {password} command. Level 1 is normal EXEC-mode user privileges. If you do not specify a level, the privilege level defaults to 15 (traditional enable privileges).


Note You need privilege level 15 to access VSM and the Cluster Management Suite. You must also use privilege level 15 if you configure the TACACS+ (Terminal Access Controller Access Control System Plus) protocol from the CLI so that all your HTTP connections will be authenticated through the TACACS+ server.


You can specify a level, set a password, and give the password only to users who need to have access at this level. Use the privilege level global configuration command to specify commands accessible at various levels. For information on other IOS Release 12.0 commands, refer to the Cisco IOS Release 12.0 documentation set available on Cisco.com.

Using the CLI to Manage Cluster Members

You can configure member switches from the CLI by first logging into the command switch. Enter the EXEC mode rcommand command and the member switch number to start a Telnet session (through a console or Telnet connection) and access the member switch CLI. Except when connecting to a Catalyst 1900 or 2820 switch running standard edition software with the command switch at privilege level 1 to 14, you are not prompted for a password because the member switch inherited the password of the command switch when it joined the cluster.

The following example shows how to log into member-switch 3 from the command-switch CLI:

switch# rcommand 3

If you do not know the member-switch number, enter the EXEC mode show cluster members command on the command switch.

For Catalyst 2950 switches, the Telnet session accesses the member-switch CLI at the same privilege level as on the command switch. The IOS commands then operate as usual. For instructions on configuring the Catalyst 2950 switch for a Telnet session, see the "Configuring the Switch for Telnet" section.

For Catalyst 1900 and 2820 switches running standard edition software, the Telnet session accesses the menu console (the menu-driven interface) if the command switch is at privilege level 15. If the command switch is at privilege level 14, you are prompted for the password before being able to access the menu console.

Command switch privilege levels map to the Catalyst 1900 and 2820 member switches running standard and Enterprise Edition Software as follows:

If the command switch privilege level is 1 to 14, the member switch is accessed at privilege level 1.

If the command switch privilege level is 15, the member switch is accessed at privilege level 15.

The Catalyst 1900 and 2820 CLI is available only on switches running Enterprise Edition Software.

Getting Help

You can use the question mark (?) and arrow keys to help you enter commands.

For a list of available commands in a command mode, enter a question mark:

switch> ?

To complete a command, enter a few known characters followed by a tab (with no space):

switch# sh conf<tab> 
switch# sh configuration

For a list of command variables, enter the command followed by a space and a question mark:

switch> show ?

To redisplay a command you previously entered, press the up-arrow key. You can continue to press the up-arrow key for more commands.

Abbreviating Commands

You only have to enter enough characters for the switch to recognize the command as unique. This example shows how to enter the show configuration command:

switch# show conf

Using no Commands

The word no creates a no form of a command. The no form of a command does the following:

Resets a command to its default values.

or

Reverses the action of a command. For example, the command no shutdown reverses the shutdown of an interface.

Understanding Command-Line Error Messages

Table 2-14 lists some error messages that you might encounter while using the CLI to configure your switch.

Table 2-14 Common CLI Error Messages

Error Message
Meaning
How to Get Help
% Ambiguous 
command: "show 
con"

You did not enter enough characters for your switch to recognize the command.

Reenter the command followed by a space and a question mark (?).

The possible keywords that you can enter with the command are displayed.

% Incomplete 
command.

You did not enter all of the keywords or values required by this command.

Reenter the command followed by a space and a question mark (?).

The possible keywords that you can enter with the command are displayed.

% Invalid input 
detected at `^' 
marker.

You entered the command incorrectly. The caret (^) marks the point of the error.

Enter a question mark (?) to display all of the commands that are available in this command mode.

The possible keywords that you can enter with the command are displayed.


Configuring the Switch for Telnet

Follow these steps to configure a Telnet password:

 
Command
Purpose

Step 1 

 

Attach a PC or workstation with emulation software to the switch console port.

The default data characteristics of the console port are 9600, 8, 1, no parity. When the command line appears, go to Step 2.

Step 2 

enable

Enter privileged EXEC mode.

Step 3 

config terminal

Enter global configuration mode.

Step 4 

line vty 0 15

Enter the interface configuration mode for the Telnet interface.

There are 16 possible sessions on a command-capable switch. The 0 and 15 mean that you are configuring all 16 possible Telnet sessions.

Step 5 

password <password>

Enter a password.

Step 6 

end

Return to privileged EXEC mode so that you can verify the entry.

Step 7 

show running-config

Display the running configuration.

The password is listed under the command line vty 0 15

Step 8 

copy running-config startup-config

(Optional) Save the running configuration to the startup configuration.

The "Finding More Information About IOS Commands" section contains the path to the complete IOS documentation.

Starting a Telnet Session from the Browser

Follow this procedure to start a Telnet session by using a browser:


Step 1 Start one of the supported browsers.

Step 2 In the URL field, enter the IP address of the command switch.

Step 3 When the Cisco Systems Access page appears, click Telnet - to the switch to start the Telnet session.


Working with Files in Flash Memory

You can use the file system in Flash memory to copy files and to troubleshoot configuration problems. This could be useful if you wanted to save configuration files on an external server in case a switch fails. You can then copy the configuration file back to a replacement switch and avoid having to reconfigure the switch.

As in the following example, use the privileged EXEC dir flash: command to display the contents of Flash memory:

Switch#dir
Directory of flash:/
  3  drwx       10176   Mar 01 2001 00:04:34  html
  6  -rwx        2343   Mar 01 2001 03:18:16  config.text
171  -rwx     1667997   Mar 01 2001 00:02:39  c2950-c3h2s-mz.120-5.WC.1.bin
  7  -rwx        3060   Mar 01 2001 00:14:20  vlan.dat
172  -rwx         100   Mar 01 2001 00:02:54  env_vars

7741440 bytes total (4788224 bytes free)

The file system uses a URL-based file specification. The following example uses the TFTP protocol to copy the file config.text from the host arno to the switch Flash memory:

switch# copy tftp://arno//2950/config.text flash:config.text 

You can enter the following parameters as part of a filename:

TFTP

Flash

RCP

XMODEM

Use the copy running-config startup-config command to save your configuration changes to Flash memory so that they are not lost if there is a system reload or power outage. This example shows how to use this command to save your changes:

switch# copy running-config startup-config
Building configuration...

It might take a minute or two to save the configuration to Flash memory. After it has been saved, the following message appears:

[OK]
switch#

Using SNMP Management

This section describes how to access Management Information Base (MIB) objects to configure and manage your switch. It provides the following information:

Using FTP to access the MIB files

Using Simple Network Management Protocol (SNMP) to access the MIB variables

Managing cluster switches through SNMP


Note When configuring your switch by using SNMP, note that certain combinations of port features create configuration conflicts. For more information, see the "Managing Configuration Conflicts" section.


CiscoWorks2000 and CiscoView 5.0 are network-management applications you can use to configure, monitor, and troubleshoot Catalyst 2950 switches.

Using FTP to Access the MIB Files

You can obtain each MIB file with the following procedure:


Step 1 Use FTP to access the server ftp.cisco.com.

Step 2 Log in with the username anonymous.

Step 3 Enter your e-mail username when prompted for the password.

Step 4 At the ftp> prompt, change directories to /pub/mibs/supportlists.

Step 5 Change directories to one of the following:

wsc2900xl for a list of 2900 XL MIBs

wsc3500xl for a list of 3500 XL MIBs

wsc2950 for a list of 2950 MIBs

Step 6 Use the get MIB_filename command to obtain a copy of the MIB file.


You can also access this server from your browser by entering the following URL in the Location field of your Netscape browser (the Address field in Internet Explorer):

ftp://ftp.cisco.com

Use the mouse to navigate to the folders listed above.

Using SNMP to Access MIB Variables

The switch MIB variables are accessible through SNMP, an application-layer protocol facilitating the exchange of management information between network devices. The SNMP system consists of three parts:

The SNMP manager, which resides on the network management system (NMS)

The SNMP agent, which resides on the switch

The MIBs that reside on the switch but that can be compiled with your network management software

An example of an NMS is the CiscoWorks network management software. CiscoWorks2000 software uses the switch MIB variables to set device variables and to poll devices on the network for specific information. The results of a poll can be displayed as a graph and analyzed in order to troubleshoot internetworking problems, increase network performance, verify the configuration of devices, monitor traffic loads, and more.

As shown in Figure 2-9, the SNMP agent gathers data from the MIB, which is the repository for information about device parameters and network data. The agent can send traps, or notification of certain events, to the SNMP manager, which receives and processes the traps. Traps are messages alerting the SNMP manager to a condition on the network such as improper user authentication, restarts, link status (up or down), and so forth. In addition, the SNMP agent responds to MIB-related queries sent by the SNMP manager in get-request, get-next-request, and set-request format.

The SNMP manager uses information in the MIB to perform the operations described in Table 2-15.

Figure 2-9 SNMP Network

Table 2-15 SNMP Operations

Operation
Description

get-request

Retrieves a value from a specific variable.

get-next-request

Retrieves a value from a variable within a table.1

get-response

Replies to a get-request, get-next-request, and set-request sent by an NMS.

set-request

Stores a value in a specific variable.

trap

An unsolicited message sent by an SNMP agent to an SNMP manager indicating that some event has occurred.

1 With this operation, an SNMP manager does not need to know the exact variable name. A sequential search is performed to find the needed variable from within a table.


Managing Cluster Switches Through SNMP

SNMP must be enabled for the Cluster Management reporting and graphing features to function properly. When you power-on your Catalyst 2950 switch for the first time, SNMP is enabled if you enter the IP information by using the setup program and accept its proposed configuration. If you did not use the setup program to enter the IP information and SNMP was not enabled, you can enable it on the SNMP Configuration page described in the "Configuring SNMP" section. On Catalyst 1900 and 2820 switches, SNMP is enabled by default.

When a cluster is created, the command switch manages the exchange of messages between member switches and an SNMP application. The Cluster Management software appends the member switch number (@esN, where N is the switch number) to the first configured RW and RO community strings on the command switch and propagates them to the member switch. The command switch uses this community string to control the forwarding of gets, sets, and get-next messages between the SNMP management station and the member switches.


Note When a standby group is configured, the command switch can change without your knowledge. Use the first read-write and read-only community strings to communicate with the command switch if there is a standby group configured for the cluster.


If the member switch does not have an IP address, the command switch passes traps from the member switch to the management station, as shown in Figure 2-10. If a member switch has its own IP address and community strings, they can be used in addition to the access provided by the command switch. For more information, see the "Changes to the SNMP Community Strings" section and the "Configuring SNMP" section.

Figure 2-10 SNMP Management for a Cluster

Configuring the Switch for Remote Monitoring

This IOS software release supports four Remote Monitoring (RMON 1) groups. You can configure these groups by using an SNMP application or by using the CLI. The four supported groups are alarms, events, history, and statistics.