Corporate HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706 USAhttp://www.cisco.comTel: 408 526-4000

800 553-NETS (6387)Fax: 408 526-4100

Catalyst 2950 Desktop Switch Software Configuration GuideCisco IOS Release 12.1(9)EA1April 2002

Customer Order Number: DOC-7811380=Text Part Number: 78-11380-04

http://www.cisco.com

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALLSTATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUTWARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THATSHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSEOR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCBs publicdomain version of the UNIX operating system. All rights reserved. Copyright 1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED AS IS WITHALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUTLIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OFDEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCOOR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Catalyst 2950 Desktop Switch Software Configuration GuideCopyright 20012002, Cisco Systems, Inc.All rights reserved.

CCIP, the Cisco Powered Network mark, the Cisco Systems Verified logo, Cisco Unity, Follow Me Browsing, FormShare, Internet Quotient, iQ Breakthrough, iQ Expertise, iQ FastTrack, the iQ Logo, iQ Net Readiness Scorecard, Networking Academy, ScriptShare, SMARTnet, TransPath, and Voice LAN are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, Discover All Thats Possible, The Fastest Way to Increase Your Internet Quotient, and iQuick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherSwitch, Fast Step, GigaStack, IOS, IP/TV, LightStream, MGX, MICA, the Networkers logo, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, RateMUX, Registrar, SlideCast, StrataView Plus, Stratm, SwitchProbe, TeleRouter, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries.

All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0203R)

Cataly78-11380-04

C O N T E N T S

Preface xxi

Audience xxi

Purpose xxi

Organization xxii

Conventions xxiv

Related Publications xxv

Obtaining Documentation xxvWorld Wide Web xxvDocumentation CD-ROM xxvOrdering Documentation xxviDocumentation Feedback xxvi

Obtaining Technical Assistance xxviCisco.com xxviTechnical Assistance Center xxvii

Cisco TAC Website xxviiCisco TAC Escalation Center xxviii

C H A P T E R 1 Overview 1-1

Features 1-1

Management Options 1-6Management Interface Options 1-6Advantages of Using CMS and Clustering Switches 1-7

Network Configuration Examples 1-8Design Concepts for Using the Switch 1-8Small to Medium-Sized Network Configuration 1-10Collapsed Backbone and Switch Cluster Configuration 1-12Large Campus Configuration 1-13Multidwelling Network Using Catalyst 2950 Switches 1-14Long-Distance, High-Bandwidth Transport Configuration 1-16

C H A P T E R 2 Using the Command-Line Interface 2-1

IOS Command Modes 2-1

Getting Help 2-3

iiist 2950 Desktop Switch Software Configuration Guide

Contents

Abbreviating Commands 2-3

Using no and default Forms of Commands 2-4

Understanding CLI Messages 2-4

Using Command History 2-5Changing the Command History Buffer Size 2-5Recalling Commands 2-5Disabling the Command History Feature 2-5

Using Editing Features 2-6Enabling and Disabling Editing Features 2-6Editing Commands through Keystrokes 2-6Editing Command Lines that Wrap 2-7

Searching and Filtering Output of show and more Commands 2-8

Accessing the CLI 2-9Accessing the CLI from a Browser 2-9

Saving Configuration Changes 2-10

Where to Go Next 2-10

C H A P T E R 3 Getting Started with CMS 3-1

Features 3-2

Front Panel View 3-4Cluster Tree 3-5Front-Panel Images 3-6

Redundant Power System LED 3-7Port Modes and LEDs 3-8VLAN Membership Modes 3-9

Topology View 3-9Topology Icons 3-11Device and Link Labels 3-12Colors in the Topology View 3-13Topology Display Options 3-13

Menus and Toolbar 3-14Menu Bar 3-14Toolbar 3-20Front Panel View Popup Menus 3-21

Device Popup Menu 3-21Port Popup Menu 3-21

ivCatalyst 2950 Desktop Switch Software Configuration Guide

78-11380-04

Contents

Topology View Popup Menus 3-22Link Popup Menu 3-22Device Popup Menus 3-23

Interaction Modes 3-25Guide Mode 3-25Expert Mode 3-25

Wizards 3-25

Tool Tips 3-26

Online Help 3-26

CMS Window Components 3-27Host Name List 3-27Tabs, Lists, and Tables 3-28Icons Used in Windows 3-28Buttons 3-28

Accessing CMS 3-29Access Modes in CMS 3-30HTTP Access to CMS 3-30

Verifying Your Changes 3-31Change Notification 3-31Error Checking 3-31

Saving Your Changes 3-31

Using Different Versions of CMS 3-32

Where to Go Next 3-32

C H A P T E R 4 Assigning the Switch IP Address and Default Gateway 4-1

Understanding the Boot Process 4-1

Assigning Switch Information 4-2Default Switch Information 4-3Understanding DHCP-Based Autoconfiguration 4-3

DHCP Client Request Process 4-3Configuring the DHCP Server 4-5Configuring the TFTP Server 4-5Configuring the DNS 4-6Configuring the Relay Device 4-6Obtaining Configuration Files 4-7Example Configuration 4-8

Manually Assigning IP Information 4-10

Checking and Saving the Running Configuration 4-11

vCatalyst 2950 Desktop Switch Software Configuration Guide

78-11380-04

Contents

C H A P T E R 5 Configuring IE2100 CNS Agents 5-1

Understanding IE2100 Series Configuration Registrar Software 5-1CNS Configuration Service 5-2CNS Event Service 5-3

NameSpace Mapper 5-3What You Should Know About ConfigID, DeviceID, and Host Name 5-3

ConfigID 5-3DeviceID 5-4Host Name and DeviceID 5-4Using Host Name, DeviceID, and ConfigID 5-4

Understanding CNS Embedded Agents 5-5Initial Configuration 5-5Incremental (Partial) Configuration 5-6Synchronized Configuration 5-6

Configuring CNS Embedded Agents 5-6Enabling Automated CNS Configuration 5-6Enabling the CNS Event Agent 5-8Enabling the CNS Configuration Agent 5-9

Enabling an Initial Configuration 5-9Enabling a Partial Configuration 5-12

Displaying CNS Configuration 5-12

C H A P T E R 6 Clustering Switches 6-1

Understanding Switch Clusters 6-2Command Switch Characteristics 6-3Standby Command Switch Characteristics 6-3Candidate Switch and Member Switch Characteristics 6-4

Planning a Switch Cluster 6-5Automatic Discovery of Cluster Candidates and Members 6-5

Discovery through CDP Hops 6-6Discovery through Non-CDP-Capable and Noncluster-Capable Devices 6-8Discovery through the Same Management VLAN 6-9Discovery through Different Management VLANs 6-10Discovery of Newly Installed Switches 6-12

HSRP and Standby Command Switches 6-14Virtual IP Addresses 6-15Other Considerations for Cluster Standby Groups 6-15Automatic Recovery of Cluster Configuration 6-17

viCatalyst 2950 Desktop Switch Software Configuration Guide

78-11380-04

Contents

IP Addresses 6-17Host Names 6-18Passwords 6-18SNMP Community Strings 6-18TACACS+ and RADIUS 6-19Access Modes in CMS 6-19Management VLAN 6-20LRE Profiles 6-20Availability of Switch-Specific Features in Switch Clusters 6-21

Creating a Switch Cluster 6-21Enabling a Command Switch 6-22Adding Member Switches 6-23Creating a Cluster Standby Group 6-25Verifying a Switch Cluster 6-27

Using the CLI to Manage Switch Clusters 6-28Catalyst 1900 and Catalyst 2820 CLI Considerations 6-28

Using SNMP to Manage Switch Clusters 6-29

C H A P T E R 7 Administering the Switch 7-1

Preventing Unauthorized Access to Your Switch 7-1

Protecting Access to Privileged EXEC Commands 7-2Default Password and Privilege Level Configuration 7-3Setting or Changing a Static Enable Password 7-3Protecting Enable and Enable Secret Passwords with Encryption 7-4Setting a Telnet Password for a Terminal Line 7-5Configuring Username and Password Pairs 7-6Configuring Multiple Privilege Levels 7-7

Setting the Privilege Level for a Command 7-7Changing the Default Privilege Level for Lines 7-8Logging into and Exiting a Privilege Level 7-9

Controlling Switch Access with TACACS+ 7-9Understanding