LB1234
asked on
No link light between cisco switch trunk ports, using crossover cable
No link light between cisco switch trunk ports, using crossover cable. Please see below and thanks for your help.
48_port_switch#sh ip int brief
Interface IP-Address OK? Method Status Protocol
Vlan1 192.168.5.2 YES manual up up
Vlan10 192.168.10.2 YES NVRAM up up
Vlan20 192.168.20.2 YES NVRAM up down
FastEthernet0/1 unassigned YES unset down down
48_port_switch#sh int fa0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: 1,10,20
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
TestSwitch#sh ip int brief
Interface IP-Address OK? Method Status Protocol
Vlan1 unassigned YES NVRAM up down
Vlan50 10.1.50.10 YES NVRAM down down
Vlan100 10.1.100.10 YES NVRAM down down
FastEthernet0/1 unassigned YES unset down down
TestSwitch#sh int fa0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: 1,10,20
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
ASKER
TestSwitch# sh run
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,10,20
switchport mode trunk
48_port_switch# sh run
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,10,20
switchport mode trunk
switchport port-security
2) both done
3) yes, tried straight thru
Please post the output (for the 48_port_switch) of a "show port-security interface fastethernet 0/1"
ASKER
48_port_switch#sh port-security interface fastEthernet 0/1
Port Security : Enabled
Port Status : Secure-shutdown
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 0
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address:Vlan : 000d.bdd1.3800:1
Security Violation Count : 1
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
That worked! Thanks! Question. Why did you include "shut" in there? Wasn't it already shut down? And why was turning off port-security necessary?
Wasn't it already shut down?Kind of. Usually when a port is in a secure violation, it's in what's known as errdisable state. Had you done a "show switchport status", it would have shown that.
To clear the condition, you can do a shut/no shut. But with port security enabled with only a single address being allowed, it would have just gone into a violation again.
As for turning off port security, I made an assumption that was not wanted. Especially since it had a one MAC address limit and it was configured on a trunk port. If you're only going to be allowing a single MAC address, it's pretty unlikely that you would need a trunk.
2) Is this a "known good" cable? If not, either verify the cable or try a different cable.
3) Have you tried a straight-through cable? If not, try that.