Troubleshooting

Connectivity issues may cause the switch to malfunction, arising from physical faults such as damaged cables, loose connections, or software issues such as incorrect port configurations.

Physical connectivity issues

The switch may not function properly due to connectivity issues arising due to physical faults such as damaged cables, loose connections.

The switch LEDs help diagnose the issue. They show boot fast failures, port-connectivity problems, and overall switch performance. You can also get statistics from Device Manager, the CLI, or an SNMP workstation.

A port LED that is lights up does not guarantee that the cable is functional. It might have encountered physical stress, causing it to function at a marginal level. If the port LED does not turn on:

  • Check for loose connections. Sometimes a cable appears to be seated but is not. Disconnect the cable, and then reconnect it.

  • Check for broken or missing pins on cable connectors..

  • Ensure correct cable type is used.

  • Ensure that both devices have power.

  • Ensure that both ends of the cable are connected to the correct ports.

  • Connect the cable from the switch to a known good device.

Software configuration issues

If a 10/100 and 10/100/1G port appears to malfunction:

  • Verify the status of all ports. See Port status LEDs for descriptions of the LEDs and their meanings.

  • Use the show interfaces privileged EXEC command to see if the port is error-disabled, disabled, or shut down. Reenable the port if necessary.

Interface Settings

Verify that the interface is not disabled or powered off. If an interface is manually shut down on either side of the link, it does not come up until you reenable the interface. Use the show interfaces privileged EXEC command to see if the interface is error-disabled, disabled, or shut down on either side of the connection. If needed, reenable the interface.

Ping End Device

Ping from the directly connected switch first, and then work your way back port by port, interface by interface, trunk by trunk, until you find the source of the connectivity issue. Make sure that each switch can identify the end device MAC address in its Content-Addressable Memory (CAM) table.

Spanning Tree Loops

STP loops can cause serious performance issues that look like port or interface problems.

A unidirectional link can cause loops. It occurs when the traffic sent by the switch is received by the neighbor, but notification that the traffic was received from the neighbor is not received by the switch. A broken cable, other cabling problems, or a port issue can cause this one-way communication.

You can enable UniDirectional Link Detection (UDLD) on the switch to help identify unidirectional link problems. For information about enabling UDLD on the switch, see the “Information About UDLD” section in the , on Cisco.com.

Switch Performance

Speed, Duplex, and Autonegotiation

Port statistics that show a large amount of alignment errors, frame check sequence (FCS), or late-collisions errors, a common issue when duplex and speed settings are mismatched between two devices.

To maximize switch performance and to ensure a link, follow one of these guidelines when changing the duplex or the speed settings.

  • Let both ports autonegotiate both speed and duplex.

  • Manually set the speed and duplex parameters for the interfaces on both ends of the connection.

  • If a remote device does not autonegotiate, use the same duplex settings on the two ports. The speed parameter adjusts itself even if the connected port does not autonegotiate.

Autonegotiation and Network Interface Cards

Problems sometimes occur between the switch and third-party network interface cards (NICs). By default, the switch ports and interfaces autonegotiate. Laptops or other devices are commonly set to autonegotiate, yet sometimes issues occur.

To troubleshoot autonegotiation problems, try manually setting both sides of the connection to the same speed and duplex mode. If this does not solve the problem, there could be a problem with the firmware or software on the NIC. You might resolve this by upgrading the NIC driver to the latest version.

Cabling Distance

If the port statistics show excessive FCS, late-collision, or alignment errors, verify that the cable distance from the switch to the connected device meets the recommended guidelines.

Resetting the Switch

Resetting the switch deletes the configuration and reboots the switch.

Reasons why you might want to reset the switch to the factory default settings include:

  • You installed the switch in your network and cannot connect to it because it is assigned an unknown IP address.

  • You want to reset the password on the switch.


Caution


If you press the Express Setup button when you power on, the automatic boot sequence stops and the switch enters bootloader mode.


To reset the switch:

Procedure


Step 1

Press and hold the Express Setup button for 15 seconds or more. The switch reboots. The system led turns green and the expres setup led starts to blink green.

Step 2

Press the Express Setup button again for 1-3 seconds. LED for port 1/1 blinks green.

The switch now behaves like a factory-default configured switch. Go to section above on Express Setup to complete re-install.


Enabling Secure Data Wipe

Secure data wipe is a Cisco wide initiative to ensure storage devices on all IOS XE based platforms are properly purged using NIST SP 800-88r1 compliant secure erase commands.

This feature is supported in Cisco IOS XE 17.17.1 and later on the following IoT switches for all license levels:

  • IE3100H

When secure data wipe is enabled, everything in internal flash memory is erased, including:

  • User configuration and passwords

  • Cisco IOS XE image

  • Embedded MultiMediaCard (eMMC)

  • rommon variables

  • ACT2 Secure Storage


Note


Secure erase does not clear the SD card or USB device contents. You must manually erase or reformat external storage devices.


The switch will be in rommon prompt with default factory settings (baud rate 9600) after the command is executed. The internal flash memory will not get formatted until the IOS image is rebooted.


Note


If an sdflash/usbflash with a valid image inserted, the device will boot with the image in the external media based on the boot precedence. The device will be in rommon only if no external media with an image is inserted in the device.


Performing a Secure Data Wipe

To enable secure data wipe, enter the factory-reset all secure command in priviledged exec mode, as shown in the following example:

Switch#factory-reset ?
  all                  All factory reset operations
  keep-licensing-info  Keep license usage info
Switch#factory-reset all ?
secure  Securely reset all
Switch#factory-reset all secure
The factory reset operation is irreversible for securely reset all. Are you sure? [confirm]Y

factory-reset command options:

  • factory-reset all—Remove everything from flash

  • factory-reset keep-licensing-info—Keep the licensing information after factory reset and remove everything else from flash.

  • factory-reset all secure —Remove everything from flash, and also unmount and sanitize the partitions before mounting back. This ensures that the data from those partitions cannot be recovered.


Important


The factory-reset all secure operation may take hours. Please do not power cycle.


To check the log after the switch executes the command, boot up IOS XE and enter the following show command:

Switch#show platform software factory-reset secure log
Factory reset log:
#CISCO DATA SANITIZATION REPORT:# IE3100h
Purge ACT2 chip at 12-08-2024, 15:17:28
ACT2 chip Purge done at 12-08-2024, 15:17:29
mtd and backup flash wipe start at 12-08-2024, 15:17:29
mtd and backup flash wipe done at 12-08-2024, 15:17:29.

How to Recover Passwords

Password recovery is a feature that a system administrator can enable or disable. If password recovery is disabled, the only way to recover from a lost or forgotten password is to clear the switch configuration entirely. For this procedure, see Resetting the Switch.

Troubleshooting Express Setup

This section provides troubleshooting tips for the initial switch configuration.

Checklist

Recommendation

Was the SETUP LED blinking when you pressed the Express Setup button?

If no, or you are not sure, restart the switch. Make sure that the SETUP LED is blinking when you press the Express Setup button.

Did you connect your PC to the wrong switch port?

Verify that you are connected to the switch port with the blinking LED.

Did you start a browser session on your PC before the SETUP LED was solid green?

If yes, or you are not sure, restart the switch, and repeat the Express Setup procedure.

Did you start a browser session on your PC and the setup page did not appear?

If the window does not appear, enter a URL in your browser, such as Cisco.com or another well known website.

Did you have a pop-up blocker running on your PC when you connected to the switch port?

If yes, disconnect the cable from the switch port, disable the pop-up blocker, press the Express Setup button, and reconnect the cable to the blinking Ethernet port.

Did you have proxy settings enabled in your browser software when you connected to the switch port?

If yes, disconnect the cable from the switch port, disable the proxy settings, press the Express Setup button, and reconnect the cable to the blinking Ethernet port.

Did you have a wireless client running on your PC when you connected to the switch port?

If yes, disconnect the cable from the switch port, disable the wireless client, press the Express Setup button, and reconnect the cable to the blinking Ethernet port.

Do you need to change the switch IP address after you have already completed the initial setup?

Go to the Configure > Express Setup Device Manager screen to change the switch IP address. For more information about changing the switch IP address, see the Cisco IE 2000 Switch Software Configuration Guide at Cisco.com.

Finding the Switch Serial Number

If you contact Cisco Technical Assistance, you need to know the serial number of your switch. The serial number is on the compliance label on the bottom of the device or on the small label adjacent to the Power Connector.. You can also use the show version privileged EXEC command to obtain the switch serial number.