The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
The switch LEDs provide troubleshooting information about the switch. They show boot fast failures, port-connectivity problems, and overall switch performance. You can also get statistics from Web UI, the CLI, or an SNMP workstation. See the appropriate configuration guide, or the documentation that came with your SNMP application for details.
Contact your Cisco TAC representative if your switch does not successfully boot.
 Note |
You can disable boot fast and run POST by using the Cisco IOS CLI. See the appropriate configuration guide for more information. |
Look at the port LEDs information when troubleshooting the switch. See details about LEDs colors and their meanings In the Cisco Catalyst IE9300 Rugged Series Switches chapter.
Always examine the cable for marginal damage or failure. A cable might be just good enough to connect at the physical layer, but it could corrupt packets as a result of subtle damage to the wiring or connectors. You can identify this problem because the port has many packet errors or it constantly flaps. That is, it loses and regains the link.
Exchange the copper or fiber-optic cable with a known good cable.
Look for broken or missing pins on cable connectors.
Rule out any bad patch panel connections or media converters between the source and the destination. If possible, bypass the patch panel, or eliminate media converters (fiber-optic-to-copper).
Try the cable in another port to see if the problem follows the cable.
Make sure that you have the correct cable:
For Ethernet, use Category 3 or better copper cable for 10 Mb/s UTP connections. Use either Category 5, Category 5e, or Category 6 UTP for 10/100/1G, and PoE connections.
Verify that you have the correct fiber-optic cable for the distance and port type. Make sure that the connected device ports match and use the same type encoding, optical frequency, and fiber type.
Determine if a copper crossover cable was used when a straight-through was required or the reverse. Enable auto-MDIX on the switch, or replace the cable.
Verify that both sides have a link. A broken wire or a shutdown port can cause one side to show a link even though the other side does not have a link.
A port LED that is on does not guarantee that the cable is functional. It might have encountered physical stress, causing it to function at a marginal level. If the port LED does not turn on:
Connect the cable from the switch to a known good device.
Make sure that both ends of the cable are connected to the correct ports.
Verify that both devices have power.
Verify that you are using the correct cable type. See Cable and Connectors for information.
Look for loose connections. Sometimes a cable appears to be seated but is not. Disconnect the cable, and then reconnect it.
If a port appears to malfunction:
Verify the status of all ports by checking the LEDs. For more information, see sections about the different panel features in the chapter Cisco Catalyst IE9300 Rugged Series Switches.
See the show interfaces command to see if the port is error-disabled, disabled, or shut down. Re-enable the port if necessary.
Verify the cable type. See the chapter Cables and Connectors.
Use only Cisco SFP modules. Each Cisco module has an internal serial EEPROM that is encoded with security information. This encoding verifies that the module meets the requirements for the switch.
Inspect the SFP module. Exchange the suspect module with a known good module.
Verify that the module is supported on this platform. (The switch release notes on Cisco.com list the SFP modules that the switch supports.)
Use the show interfaces command to see if the port or module is error-disabled, disabled, or shutdown. Reenable the port if needed.
Make sure that all fiber-optic connections are clean and securely connected.
Verify that the interface is not disabled or powered off. If an interface is manually shut down on either side of the link, it does not come up until you reenable the interface. Use the show interfaces command to see if the interface is error-disabled, disabled, or shut down on either side of the connection. If needed, reenable the interface.
Ping from the directly connected switch first, and then work your way back port by port, interface by interface, trunk by trunk, until you find the source of the connectivity issue. Make sure that each switch can identify the end device MAC address in its Content-Addressable Memory (CAM) table.
ASpanning Tree Protocol (STP) loops can cause serious performance issues that look like port or interface problems.
A unidirectional link can cause loops. It occurs when the traffic sent by the switch is received by the neighbor, but the traffic from the neighbor is not received by the switch. A broken cable, other cabling problems, or a port issue can cause this one-way communication.
You can enable UniDirectional Link Detection (UDLD) on the switch to help identify unidirectional link problems. For information about enabling UDLD on the switch, see the “Understanding UDLD” section in the switch software configuration guide on Cisco.com.
Port statistics that show a large number of alignment errors, frame check sequence (FCS), or late-collisions errors, might mean a speed or duplex mismatch.
A common issue occurs when duplex and speed settings are mismatched between two switches, between a switch and a router, or between the switch and a workstation or server. Mismatches can happen when manually setting the speed and duplex or from autonegotiation issues between the two devices.
To maximize switch performance and to ensure a link, follow one of these guidelines when changing the duplex or the speed settings.
Let both ports autonegotiate both speed and duplex.
Manually set the speed and duplex parameters for the interfaces on both ends of the connection.
If a remote device does not autonegotiate, use the same duplex settings on the two ports. The speed parameter adjusts itself even if the connected port does not autonegotiate.
Problems sometimes occur between the switch and third-party network interface cards (NICs). By default, the switch ports and interfaces autonegotiate. Laptops or other devices are commonly set to autonegotiate, yet sometimes issues occur.
To troubleshoot autonegotiation problems, try manually setting both sides of the connection. If this does not solve the problem, there could be a problem with the firmware or software on the NIC. You can resolve this by upgrading the NIC driver to the latest version.
If the port statistics show excessive FCS, late-collision, or alignment errors, verify that the cable distance from the switch to the connected device meets the recommended guidelines. See the chapter Cables and Connectors.
These are reasons why you might want to reset the switch to the factory default settings:
You installed the switch in your network and cannot connect to it because you assigned the wrong IP address.
You want to reset the password on the switch.
Note |
Resetting the switch deletes the configuration and reboots the switch. |
 Caution |
If you press the Express Setup button when you power on, the automatic boot sequence stops, and the switch enters bootloader mode. Attention : Si vous appuyez sur le bouton de configuration express lors de la mise sous tension, la séquence de démarrage automatique s’arrête et le commutateur passe en mode de chargeur de démarrage. |
|
Step 1 |
Press and hold the Express Setup button (recessed behind a small hole in the faceplate) for about 10 seconds with a paper clip or similar object. The switch reboots. The system LED turns green after the switch completes rebooting. |
|
Step 2 |
Press the Express Setup button again for 3 seconds. A switch 10/100/1G Ethernet port blinks green. |
The switch now behaves like an unconfigured switch. You can configure the switch by using the CLI setup procedure described in the chapter Configuring the Switch with the CLI Setup Program.
Password recovery is a feature that a system administrator can enable or disable. If password recovery is disabled, the only way to recover from a lost or forgotten password is to clear the switch configuration entirely.
The software configuration guides provide details about enabling and disabling the password recovery feature and the procedure for recovering passwords.
Secure data wipe is a Cisco wide initiative to ensure storage devices on all IOS XE based platforms are properly purged using NIST SP 800-88r1 compliant secure erase commands.
This feature is supported in Cisco IOS XE 17.11.1 and later on the following IoT switches for all license levels:
IE9310
IE9320
When secure data wipe is enabled, everything in flash, SDflash, and USB flash is erased, including:
User configuration and passwords
Cisco IOS XE image
Embedded MultiMediaCard (eMMC)
rommon variables
ACT2 Secure Storage
The switch will be in rommon prompt with default factory settings (baud rate 9600) after the command is executed. The internal flash memory will not get formatted until the IOS image is rebooted.
Note |
If an sdflash/usbflash with a valid image inserted, the device will boot with the image in the external media based on the boot precedence. The device will be in rommon only if no external media with an image is inserted in the device. |
To enable secure data wipe, enter the factory-reset all secure command in priviledged exec mode, as shown in the following example:
Switch#factory-reset all secure
The factory reset operation is irreversible for securely reset all. Are you sure? [confirm]
The following will be deleted as a part of factory reset: NIST SP-800-88r1
1: Crash info and logs
2: User data, startup and running configuration
3: All IOS images, including the current boot image
4: OBFL logs
5: User added rommon variables
6: Data on Field Replaceable Units(USB/SD/SSD/SATA)
7: License usage log files
Note:
Secure erase logs/reports will be stored in flash.
The system will reload to perform factory reset.
It will take some time to complete and bring it to rommon.
DO NOT UNPLUG THE POWER OR INTERRUPT THE OPERATION
Are you sure you want to continue? [confirm]
Protection key not found
Switch#
Chassis 1 reloading, reason - Factory Reset
Jan 13 03:17:21.551: %PMAN-5-EXITACTION: C0/0: pvp: Process manager is exiting: reload cc action requested
Jan 13 03:17:21.645: %PMAN-5-EXITACTION: F0/0: pvp: Process manager is exiting: reload fp action requested
Jan 13 03:17:23.672: %PMAN-5-EXITACTION: R0/0: pvp: Process manager is exiting: rp processes exit with reload switch code
Enabling factory reset for this reload cycle Switch booted with Switch booted with flash:packages.conf
Switch booted via packages.conf
% FACTORYRESET - Started Data Sanitization...
% FACTORYRESET - Unmounting sd1
% FACTORYRESET - Unmounting sd2
% FACTORYRESET - Unmounting sd3
% FACTORYRESET - Unmounting sd4
% FACTORYRESET - Unmounting sd5
% FACTORYRESET - Unmounting sd6
% FACTORYRESET - Unmounting sd7
% FACTORYRESET - Unmounting sd8
% FACTORYRESET - Unmounting sd9
% FACTORYRESET - Unmounting sd10
% FACTORYRESET - Unmounting sd11
% FACTORYRESET - Unmounting sd12
Executing Data Sanitization...
eMMC Data Sanitization started ...
!!! Please, wait - Reading EXT_CSD !!!
!!! Please, wait - Reading EXT_CSD !!!
!!! Please, wait - Erasing(Legacy) /dev/mmcblk0p1 !!!
!!! Please, wait - Erasing(Legacy) /dev/mmcblk0p7 !!!
!!! Please, wait - Erasing(Legacy) /dev/mmcblk0p8 !!!
!!! Please, wait - Erasing(Legacy) /dev/mmcblk0p9 !!!
!!! Please, wait - Erasing(Legacy) /dev/mmcblk0p10 !!!
!!! Please, wait - Erasing(Legacy) /dev/mmcblk0p11 !!!
!!! Please, wait - Erasing(Legacy) /dev/mmcblk0p12 !!!
!!! Please, wait - Sanitizing /dev/mmcblk0 !!!
!!! Please, wait - Validating Erase for /dev/mmcblk0p1 !!!
!!! Please, wait - Validating Erase for /dev/mmcblk0p7 !!!
!!! Please, wait - Validating Erase for /dev/mmcblk0p8 !!!
!!! Please, wait - Validating Erase for /dev/mmcblk0p9 !!!
!!! Please, wait - Validating Erase for /dev/mmcblk0p10 !!!
!!! Please, wait - Validating Erase for /dev/mmcblk0p11 !!!
!!! Please, wait - Validating Erase for /dev/mmcblk0p12 !!!
eMMC Data Sanitization completed ...
Data Sanitization Success! Exiting...
% FACTORYRESET - Data Sanitization Success...
% FACTORYRESET - Making File System sd1 [0]
Discarding device blocks: done
Creating filesystem with 131072 4k blocks and 32768 inodes
Filesystem UUID: 80a9c93f-544c-4d27-93c7-3d5d4a422d76
Superblock backups stored on blocks:
32768, 98304
Allocating group tables: done
Writing inode tables: done
Writing superblocks and filesystem accounting information: done
% FACTORYRESET - Mounting Back sd1 [0]
% FACTORYRESET - Handling Mounted sd1
% FACTORYRESET - Factory Reset Done for sd1
% FACTORYRESET - Making File System sd3 [0]
Discarding device blocks: done
Creating filesystem with 662528 4k blocks and 165648 inodes
Filesystem UUID: a9dd813b-c690-4346-914e-6dfb22d477ad
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912
Allocating group tables: done
Writing inode tables: done
Writing superblocks and filesystem accounting information: done
% FACTORYRESET - Mounting Back sd3 [0]
% FACTORYRESET - Handling Mounted sd3
% FACTORYRESET - Factory Reset Done for sd3
% FACTORYRESET - Making File System sd4 [0]
Creating filesystem with 2048 4k blocks and 2048 inodes
Allocating group tables: done
Writing inode tables: done
Writing superblocks and filesystem accounting information: done
% FACTORYRESET - Mounting Back sd4 [0]
% FACTORYRESET - Handling Mounted sd4
% FACTORYRESET - Factory Reset Done for sd4
% FACTORYRESET - Making File System sd5 [0]
Creating filesystem with 2048 4k blocks and 2048 inodes
Allocating group tables: done
Writing inode tables: done
Writing superblocks and filesystem accounting information: done
% FACTORYRESET - Mounting Back sd5 [0]
% FACTORYRESET - Handling Mounted sd5
% FACTORYRESET - Factory Reset Done for sd5
% FACTORYRESET - Making File System sd6 [0]
Discarding device blocks: done
Creating filesystem with 32768 4k blocks and 32768 inodes
Allocating group tables: done
Writing inode tables: done
Writing superblocks and filesystem accounting information: done
% FACTORYRESET - Mounting Back sd6 [0]
% FACTORYRESET - Handling Mounted sd6
% FACTORYRESET - Factory Reset Done for sd6
% FACTORYRESET - Making File System sd11 [0]
mkfs.fat 4.1 (2017-01-24)
% FACTORYRESET - Mounting Back sd11 [0]
% FACTORYRESET - Handling Mounted sd11
% FACTORYRESET - Factory Reset Done for sd11
% FACTORYRESET - Making File System sd12 [0]
mkfs.fat 4.1 (2017-01-24)
% FACTORYRESET - Mounting Back sd12 [0]
% FACTORYRESET - Handling Mounted sd12
% FACTORYRESET - Factory Reset Done for sd12
act2 cleaning ...
% act2 cleaning success
act2 logging ...
% act2 logging success
% FACTORYRESET - Restore lic0 Files
Factory reset Secure Completed ...
FACTORYRESET - Secure Successfull
% FACTORYRESET - Check if sdflash is mounted...
% FACTORYRESET - sdflash detected..
fstype is vfat
% FACTORYRESET - Proceed with Unmounting the SD card...
% FACTORYRESET - Cleaning Up /mnt/usb2
% FACTORYRESET - In progress.. please wait for completion...
% FACTORYRESET - Making File System sdflash [0]
mkfs.fat 4.1 (2017-01-24)
mkfs result 0
% FACTORYRESET - Mounting Back sdflash
% FACTORYRESET - Factory reset done for sdflash
% FACTORYRESET - Check if usbflash is mounted...
Factory reset successful. Rebooting...
watchdog: watchdog0: watchdog did not stop!
reboot: Restarting system
factory-reset command options:
factory-reset all: Remove everything from flash
factory-reset all secure : Remove everything from flash, and also unmount and sanitize the partitions before mounting back. This ensures that the data from those partitions cannot be recovered.
Important |
The factory-reset all secure operation may take hours. Please do not power cycle. |
To check the log after the switch executes the command, boot up IOS XE and enter the following show command:
Switch#sh platform software factory-reset secure log
Factory reset log:
#CISCO IE9K DATA SANITIZATION REPORT#
START : 03-02-2023, 08:15:42
END : 03-02-2023, 08:19:18
-eMMC-
MID : 'Micron'
PNM : 'S0J56X'
SN : 0x00000001
Status : SUCCESS
NIST : PURGE
Switch#
If you contact Cisco Technical Assistance, you need to know the serial number of your switch. The serial number is on the top of the switch. You can also use the show version command to obtain the switch serial number.
Feedback