Cisco 3560 ports stop working after cabeling change

USGLOBAL
USGLOBAL used Ask the Experts™
on
I have a Cisco 3560X switch that I have somehow disabled some of the ports by switching devices/cables. I was doing some wire management and durring the process some of the ports no longer switch. They negotiate and with the device at 1G but no longer actually connect anything to our network. I have looked at some articles about port security and this may be the issue. I really need to turn the security off or get some instruction on how to re enable the ports once a violation has occured

Any help would be apppreciated..
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
show port-security and see if the ports in question has port security configured.  If sticky MAC has been configured with a maximum count of 1, mismatching cables/ports will give you your problem.

if you want to disable port security on an interface, goto interface configuration mode and type "no switchport port-security"

Here is a link to cisco docs.

http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_25_se/configuration/guide/swtrafc.html#wp1038552

good luck.

Author

Commented:
I did the "no switchport port-security" command on one of the ports in question and it didn't do any good.

Show port-security shows nothing..

SUB-10X#sh port-security
Secure Port  MaxSecureAddr  CurrentAddr  SecurityViolation  Security Action
                (Count)       (Count)          (Count)
---------------------------------------------------------------------------
---------------------------------------------------------------------------
Total Addresses in System (excluding one mac per port)     : 0
Max Addresses limit in System (excluding one mac per port) : 6144

Commented:
Try:

default int gig 0/x

where x is the interface number. This will clear all config from the port, so ensure that you know what vlans etc to apply.
Success in ‘20 With a Profitable Pricing Strategy

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Commented:
Strange, post a show run, delete anything you don't want us to see, but keep all the interfaces config information.
Hi

do you look at VTP configuration , if it is enabled it will over right the VLAN in the Switch ..

if this is the Case : Keep VTP in Transparent Mode (Recommended) in all switches.

(Delete Extra VLAN from Switch - Don't Keep them)

Also keep Switch Port Mode Access (not Dynamic) this may Cause Converting the Port to Trunk Mode .. ( Hard Code it if it is For Client Use ) ..


you can delete VLAN

Author

Commented:
I will post a sh run today

Author

Commented:
Here is the sh run.
The port i am working with is Gi0/20
sh-run.txt

Commented:
1.  There is no port security Enable
2.  You have two VLANs (the default vlan 1 and vlan10) configured
port 1-12 are in the default VLAN
ports 13-24 are in VLAN 10

Your DHCP server is in your default vlan 1 (192.168.1.23) and your default gateway for switch is 192.168.1.1

verify the following:
0.  Check to make sure you have dhcp scopes configured for both vlans
1.  All computers plugged into ports 1-12, make sure they have ip 192.168.1.x/24 with default gateway pointing to 192.168.1.2 (not 192.168.1.1 unless you have routes define for your vlan 10 sitting on the 192.168.1.1 device) --THIS IS A COMMON MISTAKE.
2.  all computers plugged into ports 13-24 have IP 192.168.10.x/24 with default gateway pointing to 192.168.10.1

When troubleshooting, always ping the close gateway to the host first then, ping the next hop, its next hop.

Good luck.

Author

Commented:
Well I did a reload command and the ports started working. Could this be a hardware issue since the reload fixed it?

Commented:
If a reload fixed it, I would put it down to a config issue - something in the running config which was not written to the startup config.

Author

Commented:
I initiated a "wr" command before the reload.

Commented:
If a port is disabled (shows as err-disabled), you have to issue the "shut" and then "no shut" commands to re-enable it.  Rebooting the switch clears the err-disabled status as well.  The commands "sh int status" and "sh port-security" are handy for seeing the status of the ports.

Author

Commented:
I triesd the "shut" "no shut" commands without relief. That prompted my question about possibly having a faulty switch.

Strange issue... Strange issue indeed.
AkinsdNetwork Administrator

Commented:
I just thought I should bring this up just in case.

While switching cables, are crossover cables mixed with straight cables by accident. Crossover cables would connect switches to one another.

Thanks

Author

Commented:
No cross over cables are in play.
Commented:
A reload command forcing a reboot of the device cured the issue.... odd.

Commented:
I have seen this when there was a lightning strike.   I have only seen this a few times but each time was when there was probably a surge of power back to that port.  I tried nearly all the above suggestions and saw nothing out of the ordinary when doing a "show interface" and only a reload fixed it each time.  My guess is that it is a safety mechanism built into Cisco switches when the port senses a power surge.  

Now I know when a single port is down after a storm that a reboot will fix it and it has worked everytime for me.

Author

Commented:
A reload of the switch was initiated out of desperation to correct this state. It corrected my problem.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial