Dot1x multidomain on Catalyst 2960

Hello

I upgraded my 2960 to the latest LAN Base version 12.2(46), which includes Multi-Domain Authentication (MDA), and I tried to configure what is described here:

http://www.Cisco.com/en/us/Tech/tk389/tk814/technologies_configuration_example09186a00808abf2d.shtml

I have the following exceptions in my configuration:

(1) Cat 2960 with the latest IOS version 12.2(46)SE, which supports MDA;

(2) using Win2K IAS as the RADIUS server; and

(3) a third-party (Avaya) IP phone with the dot1x supplicant enabled. I have a dot1x-capable PC connected to the second port of the IP phone.

This is what I set up on the IP phone port:

interface FastEthernet0/9
 switchport access vlan 221
 switchport mode access
 switchport voice vlan 222
 dot1x pae authenticator
 dot1x port-control auto
 dot1x host-mode multi-domain
 dot1x violation-mode protect
 dot1x timeout reauth-period 30
 dot1x reauthentication
 spanning-tree portfast

I also configured the Win2K IAS RADIUS server to send the RADIUS 'cisco-av-pair' attribute to tell the authenticator (Cisco Catalyst 2960) that the supplicant (IP phone) is authorized on the voice VLAN, as described in the config notes linked above.

When the IP phone supplicant starts to authenticate, it succeeds, but the port does not authorize the VOICE domain, even though the 2960 receives the "cisco-av-pair" attribute from the RADIUS server. I confirmed the reception of this attribute by debugging on the switch.

RADIUS: Received from id 1645/64 160.2.100.74:1645, Access-Accept, len 110
17:02:38: RADIUS:  authenticator 7D AC 50 FE 14 B4 FC DC - 3A A4 E5 3F 1E 76 62 C3
17:02:38: RADIUS:  EAP-Message [79] 6
17:02:38: RADIUS:   03 05 00 04
17:02:38: RADIUS:  Class [25] 32
17:02:38: RADIUS:   44 05 05 A2 00 00 01 37 00 01 A0 02 64 4A C9 01 1 33 79 52 D8 58 00 00 00 00 00 00 1B E7 [D7dJ3yRX]
17:02:38: RADIUS:  Vendor, Cisco [26] 34
17:02:38: RADIUS:   Cisco AVpair [1] 28 "device-traffic-class=voice"
17:02:38: RADIUS:  Message-Authenticato [80] 18
17:02:38: RADIUS:   D9 42 78 88 26 5A 65 83 68 B0 E0 C7 AF 5E 0F 51 [B [x & Zeh ^ Q]
17:02:38: RADIUS(00000009): Received from id 1645/64
17:02:38: RADIUS/DECODE: EAP-Message fragments, 4, total 4 bytes

Cat2960#show dot1x int fa0/9 details

Dot1x Info for FastEthernet0/9
-----------------------------------
PAE = AUTHENTICATOR
PortControl = AUTO
ControlDirection = Both
HostMode = MULTI_DOMAIN
Violation Mode = PROTECT
ReAuthentication = Enabled
QuietPeriod = 60
ServerTimeout = 0
SuppTimeout = 30
ReAuthPeriod = 30 (Locally configured)
ReAuthMax = 2
MaxReq = 2
TxPeriod = 30
RateLimitPeriod = 0

Dot1x Authenticator Client List
-------------------------------
Domain = DATA
Supplicant = 0004.0d9b.46d8
Auth SM State = AUTHENTICATED
Auth BEND SM State = IDLE
Port Status = AUTHORIZED
ReAuthPeriod = 30
ReAuthAction = Reauthenticate
TimeToNextReauth = 20
Authentication Method = Dot1x
Authorized By = Authentication Server
Vlan Policy = N/A

I don't think I need CDP to authorize the voice domain if the RADIUS server sends the "cisco-av-pair" attribute.

Have I misunderstood the concept?

Thank you!

Can you share the switch config?

Is, for example, aaa authorization network default group radius missing?


Similar Questions

  • Cisco Catalyst 2960-S switch configured for 802.1x sends a query to access the RADIUS server

    Setup

    Cisco Catalyst 2960-S running 15.0.2 - SE8

    FreeRADIUS RADIUS server on CentOS 6.4

    Client (supplicant) running Windows 7

    When the Windows client is connected to the switch port (port 12 in my setup) with 802.1x authentication enabled, Wireshark shows that the Catalyst sends an EAP request and the client responds with an EAP response. But the switch does not send the request to the RADIUS server. The RADIUS test utility 'test aaa group radius testuser password new-code' works.
    Here is my running config. Any advice would be greatly appreciated.
    mySwitch#show running-config
    Building configuration...

    Current configuration : 2094 bytes
    !
    version 12.2
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname myswitch
    !
    boot-start-marker
    boot-end-marker
    !
    enable secret 5 $1$Z1z6$kqvVYRQdVRZ0h8aDTV5DR0
    enable password
    !
    !
    !
    aaa new-model
    !
    !
    aaa authentication dot1x group group radius
    aaa accounting dot1x default start-stop group radius
    !
    !
    !
    aaa session-id common
    switch 1 provision ws-c2960s-24ts-l
    !
    !
    !
    !
    !
    dot1x system-auth-control
    spanning-tree mode pvst
    spanning-tree extend system-id
    !
    !
    !
    !
    internal allocation policy of VLAN no ascendant interface FastEthernet0 no stop ip address!
    interface GigabitEthernet1/0/1
    !
    interface GigabitEthernet1/0/2
    !
    interface GigabitEthernet1/0/3
    !
    interface GigabitEthernet1/0/4
    !
    interface GigabitEthernet1/0/5
    !
    interface GigabitEthernet1/0/6
    !
    interface GigabitEthernet1/0/7
    !
    interface GigabitEthernet1/0/8
    !
    interface GigabitEthernet1/0/9
    !
    interface GigabitEthernet1/0/10
    !
    interface GigabitEthernet1/0/11
    !
    interface GigabitEthernet1/0/12
    switchport mode access
    authentication port-control auto
    dot1x pae authenticator
    !
    interface GigabitEthernet1/0/13
    !
    interface GigabitEthernet1/0/14
    !
    interface GigabitEthernet1/0/15
    !
    interface GigabitEthernet1/0/16
    !
    interface GigabitEthernet1/0/17
    !
    interface GigabitEthernet1/0/18
    !
    interface GigabitEthernet1/0/19
    !
    interface GigabitEthernet1/0/20
    !
    interface GigabitEthernet1/0/21
    !
    interface GigabitEthernet1/0/22
    !
    interface GigabitEthernet1/0/23
    !
    interface GigabitEthernet1/0/24
    !
    interface GigabitEthernet1/0/25
    !
    interface GigabitEthernet1/0/26
    !
    interface GigabitEthernet1/0/27
    !
    interface GigabitEthernet1/0/28
    !
    interface Vlan1
    ip address 10.1.2.12 255.255.255.0
    !
    ip http server
    ip http secure-server
    ip sla enable reaction-alerts
    logging trap debugging
    logging host 10.1.2.1 transport tcp port 514
    radius-server host 10.1.2.1 auth-port 1812 acct-port 1646 timeout 3 retransmit 3 key testing123
    line con 0
    line vty 0 4
    password password
    line vty 5 15
    password password
    !
    end

    Have you run Wireshark on the server to look for the request from the switch? If so, did you make sure that there is a response from the server? For Windows Network Policy Server (I've never tried CentOS), you must ensure that the request matches a policy which then authenticates or denies access. Usually, it is a matter of attributes such as the vendor.

    Regarding the configuration, the AAA part seems a bit off. Try to remove the line:

    "aaa authentication dot1x group group radius" and use this instead:

    "aaa authentication dot1x default group radius". After the word dot1x you are supposed to provide the name of an authentication list, or the word default if you do not want to use a list.

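An added example, not part of the original posts: a short Python audit for the AAA and 802.1X lines that the replies in the two threads above ask about. The rule list and function names are assumptions limited to the commands named in these threads, and both sample configs are constructed.

```python
import re

# Global commands named in the threads above. This list is an assumption
# for the example, not a complete 802.1X checklist.
REQUIRED_GLOBALS = [
    ("aaa new-model", r"^aaa new-model$"),
    ("aaa authentication dot1x default group <server-group>",
     r"^aaa authentication dot1x default group \S+"),
    ("aaa authorization network default group <server-group>",
     r"^aaa authorization network default group \S+"),
    ("dot1x system-auth-control", r"^dot1x system-auth-control$"),
]
PORT_CONTROL = re.compile(r"^(dot1x|authentication) port-control auto$")


def split_config(config):
    """Split a running-config into global lines and per-interface sub-commands."""
    global_lines, interfaces, current = [], {}, None
    for raw in config.splitlines():
        line = raw.rstrip()
        if not line or line.startswith("!"):
            current = None
            continue
        if line[0].isspace():
            if current is not None:
                interfaces[current].append(line.strip())
            continue
        current = None
        global_lines.append(line)
        match = re.match(r"^interface (\S+)$", line)
        if match:
            current = match.group(1)
            interfaces[current] = []
    return global_lines, interfaces


def audit(config):
    """Return a list of findings; an empty list means every check passed."""
    global_lines, interfaces = split_config(config)
    findings = []
    for label, pattern in REQUIRED_GLOBALS:
        if not any(re.match(pattern, line) for line in global_lines):
            findings.append("missing global: " + label)
    # A list name other than "default" is only used by ports that reference it.
    for line in global_lines:
        match = re.match(r"^aaa authentication dot1x (\S+) ", line)
        if match and match.group(1) != "default":
            findings.append("dot1x method list '%s' is named, not default"
                            % match.group(1))
    for name, commands in interfaces.items():
        if "dot1x pae authenticator" in commands and not any(
                PORT_CONTROL.match(c) for c in commands):
            findings.append(name + ": authenticator without port-control auto")
    return findings


# Constructed sample modelled on the second thread's AAA lines.
BROKEN = """
aaa new-model
aaa authentication dot1x group group radius
aaa accounting dot1x default start-stop group radius
dot1x system-auth-control
!
interface GigabitEthernet1/0/12
 switchport mode access
 authentication port-control auto
 dot1x pae authenticator
"""

# Constructed sample modelled on the first thread's MDA port.
FIXED = """
aaa new-model
aaa authentication dot1x default group radius
aaa authorization network default group radius
dot1x system-auth-control
!
interface FastEthernet0/9
 switchport access vlan 221
 switchport mode access
 switchport voice vlan 222
 dot1x pae authenticator
 dot1x port-control auto
 dot1x host-mode multi-domain
"""

if __name__ == "__main__":
    for finding in audit(BROKEN):
        print(finding)
```
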
  • 6248 FI Cisco's UCS with Cisco catalyst 2960 connectivity

    In our environment, UCS, connects the two fabric as a Cisco Nexus 9 k switch upstream with vPC and it works well. But we need to isolate some virtual servers on the blades of the UCS on an entirely separate DMZ switch which is Cisco catalyst 2960.

    (1) So can we connect separate physical twinax cables from FI uplink ports to the Catalyst 2960 for connectivity to the servers in the DMZ, keeping the FI to Nexus connectivity as it is?

    (2) in this case, as there are 2 switches to nexus core 1 and 2 so we will require 2 cisco catalyst 2960 for disjoint such a network? or otherwise we can connect A FI and FI B to one on his 2 numbers 2960 switch. Gig SFP ports + 10?

    (3) also suggest things must be taken in charge, the best guides practice or an illustration in this context.

    The assignment is static and cannot be changed.

    location 1 - uplink 1

    slot 2 - uplink 2...

    If a property has no blade, the corresponding uplink is not used and that can not be changed!

    This dedication of uplinks of IOM is of course a lot of resources: cables, ports on FI, allowed port,...

  • Web authentication Catalyst 2960

    Hello

    I am trying to configure web authentication fallback on a Catalyst 2960 switch. The goal is to authenticate clients that are not 802.1x capable via web authentication (the 802.1x part works fine) and allow them access to the network. The problem is that the web authentication seems to fail.

    The equipment in question: a Catalyst 2960 switch (version: 122-37.SE) and a FreeRADIUS server.

    Here's what happens:

    The authentication window appears in my browser and the access request is sent to the RADIUS server.

    The RADIUS server replies with an Access-Accept. Debugging on the switch shows that all this information arrives properly: the authentication debug outputs a 'status = PASS' and the authorization debug outputs a 'status = PASS_ADD'. Despite this, the browser on the client shows an "authentication failure" message.

    I have read the manual, and the Cisco attribute-value pairs 'priv-lvl=15' and 'proxyacl...' are mentioned. Are they required to make it work, given that I'm not setting up any switch login authentication via RADIUS?

    Any suggestions?

    Thanks in advance

    Yes, they are mandatory.

    If priv-lvl=15 is not returned to the switch, the user will see "Authentication failed" and the access list will not apply. If the source field in the proxyacl statements is not "any", or there are other syntax errors, the user will see "Successful authentication" but the access list will not apply and the user will be denied access to the network.

    Not sure about the specific FreeRADIUS configuration, but you need to set up the [026\009\001] cisco-av-pair VSA. It should look like:

    priv-lvl=15

    proxyacl#10=permit ip any any

    Let me know if this gets you squared away.
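An added example, not part of the original posts: the [026\009\001] layout named in the reply above (RFC 2865 Vendor-Specific attribute 26, Cisco vendor ID 9, sub-type 1), encoded and parsed in Python. It reproduces the lengths 34 and 28 shown for "device-traffic-class=voice" in the debug of the first thread, and checks a reply for the pairs the web-authentication answer calls mandatory. Function names and sample bytes are constructed for the example; the priv-lvl and proxyacl rules are taken from that answer.

```python
import struct

VENDOR_SPECIFIC = 26   # RFC 2865 attribute type
CISCO_VENDOR_ID = 9    # enterprise number used in the Cisco VSA
CISCO_AVPAIR = 1       # Cisco vendor sub-type 1: cisco-av-pair


def encode_avpair(text):
    """Build one Vendor-Specific attribute carrying a single cisco-av-pair."""
    value = text.encode("ascii")
    sub = bytes([CISCO_AVPAIR, len(value) + 2]) + value
    body = struct.pack("!I", CISCO_VENDOR_ID) + sub
    if len(body) + 2 > 255:
        raise ValueError("av-pair too long for one RADIUS attribute")
    return bytes([VENDOR_SPECIFIC, len(body) + 2]) + body


def iter_attributes(data):
    """Yield (type, value) for each TLV; the length byte covers the header."""
    pos = 0
    while pos < len(data):
        if len(data) - pos < 2:
            raise ValueError("truncated attribute header")
        a_type, a_len = data[pos], data[pos + 1]
        if a_len < 2 or pos + a_len > len(data):
            raise ValueError("bad attribute length at offset %d" % pos)
        yield a_type, data[pos + 2:pos + a_len]
        pos += a_len


def cisco_avpairs(attributes):
    """Return the cisco-av-pair strings found in a RADIUS attribute block."""
    pairs = []
    for a_type, value in iter_attributes(attributes):
        if a_type != VENDOR_SPECIFIC or len(value) < 4:
            continue
        (vendor,) = struct.unpack("!I", value[:4])
        if vendor != CISCO_VENDOR_ID:
            continue
        for sub_type, sub_value in iter_attributes(value[4:]):
            if sub_type == CISCO_AVPAIR:
                pairs.append(sub_value.decode("ascii", "replace"))
    return pairs


def voice_domain_authorized(attributes):
    """True when the reply carries the pair the MDA thread depends on."""
    return "device-traffic-class=voice" in cisco_avpairs(attributes)


def webauth_problems(attributes):
    """Check the two conditions the web-authentication reply describes."""
    pairs = cisco_avpairs(attributes)
    problems = []
    if "priv-lvl=15" not in pairs:
        problems.append("priv-lvl=15 not returned")
    acl = [p for p in pairs if p.startswith("proxyacl#")]
    if not acl:
        problems.append("no proxyacl entry returned")
    for entry in acl:
        name, _, rule = entry.partition("=")
        fields = rule.split()  # permit|deny <protocol> <source> ...
        if len(fields) < 3 or fields[2] != "any":
            problems.append("%s: source is not 'any'" % name)
    return problems


# Constructed attribute block: the EAP-Message from the debug (79, len 6)
# followed by the voice VSA built above.
VOICE_VSA = encode_avpair("device-traffic-class=voice")
SAMPLE_ACCEPT = bytes([79, 6, 0x03, 0x05, 0x00, 0x04]) + VOICE_VSA

if __name__ == "__main__":
    print(len(VOICE_VSA), VOICE_VSA[7], cisco_avpairs(SAMPLE_ACCEPT))
```
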

  • Aironet 1252 with catalyst 2960-8TC-L & 1841 router compatibility

    Hello

    First of all they are togther a good combination?

    I'll buy new ap 1252 and switch catalyst 2960-8TC-L my question can I connect the access point to 1 x 10/100/1000Base-T/SFP (mini-GBIC) (uplink) port?

    because to work on ap with capacity 300 Mbps, it needs port 1000, I will use to power ap powerinjector.

    It will be 15 sereve pc as a working group and 60 customers on wlan.

    Concerning

    Saher

    Depending on the type of traffic and bandwidth customer requirements demand, you might need a couple more of ap which means you may have to settle for a switch of 24 ports. Cisco recommends 15-25 users by so, but still, you can have more if it's just e-mail and web browsing.

  • How to access Catalyst 2960-S

    How to access Catalyst 2960-S

    The main method of management is the Cisco Network Assistant however if you need to use the console port, then use the supplied RJ45 to DB9 cable to connect to a local serial port.

    Software wise, that it is possible to extract the 2 files HyperTerminal from a CD in Windows XP to run on a Win7 PC. The best alternative is a PuTTY terminal emulator.

  • not visible on the switch Catalyst 2960 vNIC...

    Dear all,

    I configured the UCS chassis with 5 blades and installed the esxi on all five blades...

    I created 10 vNICs per server, and by now I have IPs for ESXi management by combining two NICs, and the FI is connected to the Catalyst 2960 switch. The uplinks are 1 Gig at the FI end and at the switch end... and I made these trunks at the switch end, with all VLANs permitted on the trunk link

    I have configured all the VLANS on during vNIC based on a model and all of those selected. vlan1 is the vlan by default & selected the same.

    Please help me to solve the problem... I got tired of all the means & could not able to find a solution.

    Kind regards

    Gopi G

    Greetings.

    Please confirm that you learn your ESXi mgmt addresses (VMK0 will inherit the MAC of the UCSM vNIC) on the FI: #connect nxos

    #show mac address-table

    Do the same on your 2960 switches.  Do you see the MAC addresses on the 2960 ports connected to the UCSM uplinks?

    Do your UCSM uplinks go to the 2960 in a port channel?

    Thank you

    Kirk

  • Button Mode Catalyst 2960

    Hello

    Can someone tell me a method of turning off the function of the Mode button on a catalyst 2960 to stop this reboot of the switch after being detained for 10 seconds? Even with a config full on the switch, the function "reset" always seems to bypass the config and clear/reload the switch.

    Is it possible to disable this feature in the software?

    Thank you very much

    Charlie Read

    Try the following command: no setup express

    See the following link for more details on the command.

    http://www.Cisco.com/en/us/products/hw/switches/ps628/products_command_reference_chapter09186a00801a6c4a.html#3549999

    I hope this helps.

    Steve

  • The Catalyst 2960 G switch configuration

    Is it possible to configure a Catalyst 2960 G Switch to act as / be an unmanaged (no router) switch?  If so, please provide detailed and simple instructions.

    Hi @lcbalogh1,

    I think that these switches are not routing compatible, but one thing... What you want to do is to have the switch set in a single broadcast domain (all ports in the same VLAN), right? If so, follow these steps:

    • Disable the routing features with the global configuration command "no ip routing".
    • If the first command is not accepted, type "no sdm prefer lanbase-routing".

    The two steps above disable the routing features.

    OK, to make all the ports members of the same VLAN, you have a few options:

    • You can leave all the ports in the default VLAN (VLAN 1)
    • Or, you can configure all ports in a different VLAN
      • switchport mode access
      • switchport access vlan <vlan-id>

    Hope this is useful for you.

    Rgrds,

    Martin, computer scientist

  • Guest-vlan; Catalyst 2960

    Hello

    I would like to set up a guest VLAN and a restricted VLAN on a 2960 switch, but I can't.

    The IOS version (obtained through show version) is:

    Switch Ports Model              SW Version            SW Image
    ------ ----- -----              ----------            ----------
    *    1 52    WS-C2960S-48 I/S-L 12.2(53)SE2           C2960S-UNIVERSALK9-M

    I am configuring the interface using the following commands:

    RAK-ASW01#configure
    Configuring from terminal, memory, or network [terminal]?
    Enter configuration commands, one per line.  End with CNTL/Z.
    RAK-ASW01(config)#interface gigabitEthernet 1/0/11
    RAK-ASW01(config-if)#switchport mode access
    RAK-ASW01(config-if)#dot1x port-control auto
    RAK-ASW01(config-if)#dot1x guest-vlan 17
    RAK-ASW01(config-if)#end

    The result is the following, as if the guest-vlan is not supported:

    RAK-ASW01#show dot1x interface gigabitEthernet 1/0/11
    Dot1x Info for GigabitEthernet1/0/11
    -----------------------------------
    PAE = AUTHENTICATOR
    PortControl = AUTO
    ControlDirection = Both
    HostMode = SINGLE_HOST
    QuietPeriod = 60
    ServerTimeout = 0
    SuppTimeout = 30
    ReAuthMax = 2
    MaxReq = 2
    TxPeriod = 30

    RAK-ASW01#

    A similar result occurs when trying to set up an auth-fail VLAN.

    the full configuration file is attached.

    Many thanks in advance,

    Wawan972_

    Hello

    You see it here. It is expected if you use this command.

    To check, use 'show running-config interface x/x' and see whether the configuration commands are there, or, if there is already a device on the port, use 'show authentication sessions interface x/x' and see whether the guest VLAN is used or not.

    HTH,
    Tiago

    --

    If this helps you or answers your question, please mark it as 'answered' or rate it, so other users can easily find it.

  • Reviews for iSCSI NFS e 3100 & Catalyst 2960-S vs?

    I'll put up my first SAN, a 3100 e with 2 NICs by MS.  We chose a pile of Cisco 2960-S for redundancy at the network level, and during the planning phase, I had chosen to use NFS.  E does not deduplication with iSCSI support (someone?), and the performance is roughly equal to this environment.  It is 3 guests with approximately 15 production MV; I expect a usage rate of 20% per host based on statistics collected from the current production environment.

    The glitch is 2960-S is limited to 6 ports-channels, even in a pile!  Initially, my plan was simple enough, and a commercial engineer.  Create channel-port on each host to storage traffic and traffic VM vMotion/HA.  Each of them would be 2 gigabit NIC in a VLAN dedicated.  But, now that I have that 6 Channel ports to work with, what is the best solution?  I would go with NFS, if possible, but I can't understand a good way to provide a high availability and balancing at the network level (yes I know that the effectiveness of IP hash is questionable in a port channel).

    In the past, I have Setup iSCSI multipathing in environments of test with good results, but it is a little more complex that I want to get for such a small environment, and we lose deduplication.

    Is back to the original question - possible to NFS, highly available, without aggregation of links?  I am referring to each element of the stack - host, network and SAN.  Is there another method would you recommend, and if so, why?

    A few thoughts I had:

    Wouldn't be better to put the vMotion/HA NIC on access ports with 1 NIC in standby mode and use the port for NFS instead channels?  Once the environment is fully migrated, I expect vMotion will be made during failures and maintenance periods.

    If I assigns an IP address to a store NFS SP A and it fails, MS B will remain passive until a failure and then take control of this IP/action?  Or the store NFS appears twice in my list of data stores?

    Thanks for your comments!

    Here is my attempt at bad taking a picture to help visualize this

    I had to redact the names and IP addresses

    MGMT use vmnic1 as a primary vmnic5, as a backup. It is the VLAN 125

    vMOTION uses vmnic5 as a primary vmnic1, as a backup. It is 126 VLAN.

    vmnic1 and vmnic5 are shared resources at the level of the physical switch to allow the 125 & 126 VLAN.

  • Switch Cisco 2960/3560 = > recovery password and default settings with the button Mode

    Hi Experts,

    I have some confusion with the button Mode with cisco 2960/3560 switches.

    I read on many forums and articles, but where things are not clear.

    a place given 3 seconds and somewhere is given 7 or 10 seconds.

    Qus1), what is the exact time to press/hold Mode button to perform two following tasks:

    A. password recovery (according to my knowledge 3 sec) good or bad?

    Configuration of the switch (start + run) would be safe

    After the recovery of password? Yes or no

    B. factory default (according to my knowledge 10 sec) good or bad?

    I'm afraid, because if I press mode button more than 3 seconds, then

    It will delete any configuration of cisco switch. Yes or no

    Qus2) I want to recover the catalyst 2960/3560 switch password without

    Start/run configuration to lose. That is my main concern.

    Please tell me how to do this, what will be the time for holding the Mode button

    in a few seconds?

    Qus3) which means this line

    "If the password recovery mechanism is disabled in switch

    then you will lose all the config.

    This sentence has been given on this forum url

    https://supportforums.Cisco.com/thread/140848

    KS

    Attach a terminal or PC with terminal emulation (for example, Hyper Terminal) port console switch.

    Use the following terminal settings:

    • Bits per second (baud): 9600

    • Data bits: 8

    • Parity: None

    • Stop bits: 1

    • Flow control: Xon/Xoff

    Note: For more information on the wiring and connection of a terminal to the console port, refer to connecting a Terminal to the Console Port of Catalyst switches.

    Unplug the power cable.

    Power up the switch and bring it to the switch: prompt:

    For 2900XL, 3500XL, 2940, 2950, 2960, 2970, 3550, 3560, and 3750 series switches, do this:

    Press and hold the Mode button located on the left side of the front panel while you reconnect the power cable to the switch.

    2960, 2970: Release the Mode button when the SYSTEM LED flashes orange and then turns green. When you release the Mode button, the SYSTEM LED flashes green.
    3560, 3750: Release the Mode button after about 15 seconds when the SYSTEM LED turns green. When you release the Mode button, the SYSTEM LED flashes green.

    The system has been interrupted prior to initializing the flash file system. The following commands will initialize the flash file system, and finish loading the operating system software:

    flash_init
    load_helper
    boot

    switch:

    Run the flash_init command.

    switch: flash_init
    Initializing Flash...
    flashfs[0]: 143 files, 4 directories
    flashfs[0]: 0 orphaned files, 0 orphaned directories
    flashfs[0]: Total bytes: 3612672
    flashfs[0]: Bytes used: 2729472
    flashfs[0]: Bytes available: 883200
    flashfs[0]: flashfs fsck took 86 seconds
    ....done Initializing Flash.
    Boot Sector Filesystem (bs:) installed, fsid: 3
    Parameter Block Filesystem (pb:) installed, fsid: 4
    switch:
    !--- This output is from a 2900XL switch. Output from
    !--- other switches will vary slightly.

    Run the load_helper command.

    switch: load_helper
    switch:

    Issue the dir flash: command.

    Note: Be sure to type a colon ":" after the dir flash.

    The file system of the switch appears:

    switch: dir flash:
    Directory of flash:/
    2    -rwx  1803357                  c3500xl-c3h2s-mz.120-5.WC7.bin
    !--- This is the current version of software.
    4    -rwx  1131                     config.text
    !--- This is the configuration file.
    5    -rwx  109                      info
    6    -rwx  389                      env_vars
    7    drwx  640                      html
    18   -rwx  109                      info.ver
    403968 bytes available (3208704 bytes used)
    switch:
    !--- This output is from a 3500XL switch. Output from
    !--- other switches will vary slightly.

    Type rename flash:config.text flash:config.old to rename the configuration file.

    switch: rename flash:config.text flash:config.old
    switch:
    !--- The config.text file contains the password
    !--- definition.

    Issue the boot command to boot the system.

    switch: boot
    Loading "flash:c3500xl-c3h2s-mz.120-5.WC7.bin"...###############################
    ################################################################################
    ######################################################################
    File "flash:c3500xl-c3h2s-mz.120-5.WC7.bin" uncompressed and installed, entry point: 0x3000
    executing...
    !--- Output suppressed.
    !--- This output is from a 3500XL switch. Output from other switches
    !--- will vary slightly.

    Enter "n" at the prompt to abort the initial configuration dialog.

    --- System Configuration Dialog ---
    At any point you may enter a question mark '?' for help.
    Use ctrl-c to abort configuration dialog at any prompt.
    Default settings are in square brackets '[]'.
    Continue with configuration dialog? [yes/no]: n
    !--- Type "n" for no.
    Press RETURN to get started.
    !--- Press Return or Enter.
    Switch>
    !--- The Switch> prompt is displayed.

    At the switch prompt, type en to enter enable mode.

    Switch>en
    Switch#

    Password recovery

    Type rename flash:config.old flash:config.text to rename the configuration file with its original name.

    Switch#rename flash:config.old flash:config.text
    Destination filename [config.text]
    !--- Press Return or Enter.
    Switch#

    Copy the configuration file into memory.

    Switch#copy flash:config.text system:running-config
    Destination filename [running-config]?
    !--- Press Return or Enter.
    1131 bytes copied in 0.760 secs
    Sw1#

    The configuration file is now reloaded.

    Replace the current passwords that you do not know. Choose a password with at least one capital letter, one number and one special character.

    Note: Replace the passwords that are required. You do not need to overwrite all of the passwords listed.

    Sw1# conf t
    !--- To overwrite existing secret password
    Sw1(config)#enable secret
    !--- To overwrite existing enable password
    Sw1(config)#enable password
    !--- To overwrite existing vty password
    Sw1(config)#line vty 0 15
    Sw1(config-line)#password
    Sw1(config-line)#login
    !--- To overwrite existing console password
    Sw1(config-line)#line con 0
    Sw1(config-line)#password

    Write the running configuration to the configuration file with the write memory command.

    Sw1#write memory
    Building configuration...
    [OK]
    Sw1#

    For factory reset:

    do not give under the control of factory reset

    Switch#copy flash:config.text system:running-config

    can I copy the running configuration to Flash

    Switch#copy running-config flash:
    Destination filename [running-config]?
    Building configuration...
    [OK]

    Switch#copy running-config startup-config
    Destination filename [startup-config]?
    Building configuration...
    [OK]

    Review the link for more information below

    http://www.Cisco.com/en/us/products/hw/switches/ps628/products_password_recovery09186a0080094184.shtml

    Please note the useful messages.

    Concerning
    Vesta
    "Everybody is genius." But if you judge a fish by its ability to climb on a tree, he will live his entire life, believing that this is stupid. "

  • Make a choice of switching - catalyst 500/520/ESW Linksys SRW / SFE

    Hello, would someone be able to clarify, please, where Cisco is going with the SMB switching product portfolio, as I'm getting a little confused.

    My estimate that we currently have available that which follows to the SMB market, has decided there is a price difference significant between some of the product lines, but it seems that the choice when choosing a suitable switch fades a bit and starts to go down in price rather than the features and performance characteristics.

    • Cisco Catalyst Express 500 series switches
    • Cisco Catalyst Express 520 series switches
    • Cisco Small Business Pro ESW 500 series switches
    • Cisco Small Business Managed switch (Linksys Business Series)
    • Cisco Small Business Smart switch (Linksys Business Series)
    • Cisco Catalyst 2960 Series switches
    1. Can I ask if there are plans to merge some of the product ranges, like the 500 and 520, which are similarly priced, managed in almost the same way and have the same feature set.
    2. Are there plans for the ESW line replace the Linksys SRW/SFE and Cisco 500/520 existing equivalents?
    3. I would correct assuming the ESW line runs the Code of IOS?

    Any help would be appreciated.

    Concerning

    Mark Rigby

    Mark,

    Big questions.  Thanks for posting.

    1. Yes, you can expect that over time, the ESW 500 series will replace the Catalyst Express series.

    2. There are no plans for the series of ESW 500 replace SRW/SFE switches.  These product families are somewhat overlapping, but intended for different types of SME customers and partners VAR.

    3. you are incorrect in assuming that the ESW is base IOS.  It is not the case.

    The attached PDF provides a comparison of high-level Cisco switches that sell on SMB.

    Thank you

    Florian

  • Modules SFP to use on catalyst 3650-24TD-E

    Hello

    We intend to buy a catalyst 3650-24TD-E switches, and I would be about to buy the good modules SFP and SFP + for it. As you know, this switch model supports 2 1 Gigabit SFP and 2-port 10 Gigabit SFP + uplink.

    We have already other catalyst 2960 switch with SFP GLC-SX-MM modules for uplink connections.

    What SFP / SFP + models you recommend?

    Best regards

    What SFP / SFP + models you recommend?

    GLC-SX-MMD

  • AAA w/RSA: "no appropriate authorization type..."

    I've set up a router and a switch for AAA using an RSA RADIUS server. Both are RSA 'Agent hosts' with identical configurations. The router (2621XM/EntServ Version 12.4(18)) and the switch (3560-24PS/IPBase - 12.2(25)SEB2) have identical AAA configs, and RADIUS/RSA works fine as far as the passcode being accepted. But the switch won't let me in:

    **********************
    Username:
    Password:
    PASSCODE Accepted
    % Authorization failed.
    **************************

    When I do "debug radius authentication" on each, the outputs are the same until the last 2 lines. The router, which works, says:

    000055.: Jan 16 12:22:51 CEST: RADIUS(00000005): Received from id 1645/3

    000056:. Jan 16 12:22:51 IS: RADIUS/DECODE: Reply-Message fragments, 19, total 19 bytes

    But the switch says:

    000284: Jan 16 12:20:47 UTC: RADIUS: saved authorization data for user 3030220 at 3034440

    000285: Jan 16 12:20:47 UTC: RADIUS: no appropriate authorization type for user.

    The only other difference I can think of is that I use ssh for the router and telnet for the switch (IPBase apparently no habla "crypto"; I could use another IOS, I think).

    Any clue? TIA

    Paul

    If I were you, I would 'disable' authorization on the Catalyst 3560. I have an identical setup like yours on my Catalyst 2960 and it works very well. See below:

    [[email protected] / * / root] # telnet 192.168.0.5

    Trying 192.168.0.5...

    Connected to 192.168.0.5 (192.168.0.5).

    Escape character is '^]'.

    C

    *****************

    User access audit

    Username: test4

    Password:

    Enter your new PIN, containing 4-8 digit.

    or

    to cancel the procedure of the new PIN:

    Please re - enter new PIN code:

    Wait for the code on your card to change, and then sign in with the new PIN code

    Enter PASSCODE:

    C2960#sh ver

    Cisco IOS software, software C2960 (C2960-LANBASEK9-M), Version 12.2 (25) SEE4, RELEASE SOFTWARE (fc1)

    Copyright (c) 1986-2007 by Cisco Systems, Inc.

    Updated Tuesday 16 July 07 02:53 by myl

    Image text-base: 0 x 00003000, database: 0x00CC0000

    ROM: Bootstrap program is C2960 boot loader

    BOOTLDR: C2960 Boot Loader (C2960-HBOOT-M) 12.2 (25r) the SEE1, release SOFTWARE (fc1)

    C2960 uptime is 2 weeks, 6 days, 14 hours, 10 minutes

    System to regain the power ROM

    System restarted at 23:20:30 GMT Wednesday, December 26, 2007

    System image file is "flash: c2960-lanbasek9 - mz.122 - 25.SEE4.bin".

    This product contains cryptographic features and is under the United States

    States and local laws governing the import, export, transfer and

    use. Delivery of Cisco cryptographic products does not imply

    third party approval to import, export, distribute or use encryption.

    Importers, exporters, distributors and users are responsible for

    compliance with U.S. laws and local countries. By using this product you

    agree to comply with the regulations and laws in force. If you are unable

    to satisfy the United States and local laws, return the product.

    A summary of U.S. laws governing Cisco cryptographic products to:

    http://www.Cisco.com/WWL/export/crypto/tool/stqrg.html

    If you need assistance please contact us by mail at

    [email protected] / * /.

    processor of WS-C2960G-24TC-L (PowerPC405) Cisco (revision B0) with 61440K / 4088K bytes of memory.

    Card processor ID FOC1036X0F1

    Last reset of tension

    2 virtual Ethernet interfaces

    24 gigabit Ethernet interfaces

    Password recovery mechanism is activated.

    64K bytes of memory simulated by flash not volatile configuration.

    Basic Ethernet MAC address: 00:19:55:1 B: D6:00

    Number of the motherboard: 73-10015-05

    Power supply part number: 341-0098-02

    Motherboard serial number: FOC10352NF2

    Power supply serial number: AZS103402ZF

    Revision number of the model: B0

    Motherboard revision number: B0

    Model number: WS-C2960G-24TC-L

    System serial number: FOC1036X0F1

    Top Assembly part number: 800-26673-02

    Top of page revision number of the Assembly: C0

    Version ID: V02

    CLEI Code number: COM3G00BRA

    Revision number of hardware consulting: 0x01

    SW Version SW Image model switch ports

    ------ ----- ----- ---------- ----------

    * 1 WS-C2960G-24TC-L 12.2 24 (25) SEE4 C2960-LANBASEK9-M

    Configuration register is 0xF

    C2960#sh run | inc aaa
    aaa new-model
    aaa authentication login test group radius local
    aaa authentication login test1 group tacacs+ local
    aaa authentication login notac local
    aaa authentication dot1x default group radius
    aaa session-id common
    C2960#

    CCIE Security
