Link to home
Start Free TrialLog in
Avatar of LB1234
LB1234

asked on

No link light between cisco switch trunk ports, using crossover cable

No link light between cisco switch trunk ports, using crossover cable.  Please see below and thanks for your help.



48_port_switch#sh ip int brief
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  192.168.5.2     YES manual up                    up
Vlan10                 192.168.10.2    YES NVRAM  up                    up
Vlan20                 192.168.20.2    YES NVRAM  up                    down
FastEthernet0/1        unassigned      YES unset  down                  down

Open in new window


48_port_switch#sh int fa0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: 1,10,20
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Open in new window




TestSwitch#sh ip int brief
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  unassigned      YES NVRAM  up                    down
Vlan50                 10.1.50.10      YES NVRAM  down                  down
Vlan100                10.1.100.10     YES NVRAM  down                  down
FastEthernet0/1        unassigned      YES unset  down                  down

Open in new window


TestSwitch#sh int fa0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: 1,10,20
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Open in new window

Avatar of Don Johnston
Don Johnston
Flag of United States of America image
1) It would be helpful to see the configs for these ports. Could be a speed mismatch.
2) Is this a "known good" cable?  If not, either verify the cable or try a different cable.
3) Have you tried a straight-through cable? If not, try that.
Avatar of LB1234
LB1234

ASKER

TestSwitch# sh run
interface FastEthernet0/1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1,10,20
 switchport mode trunk

Open in new window


48_port_switch# sh run
interface FastEthernet0/1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1,10,20
 switchport mode trunk
 switchport port-security

Open in new window


2) both done
3) yes, tried straight thru
Avatar of Don Johnston
Don Johnston
Flag of United States of America image
Please post the output (for the 48_port_switch) of a "show port-security interface fastethernet 0/1"
Avatar of LB1234
LB1234

ASKER

48_port_switch#sh port-security interface fastEthernet 0/1
Port Security              : Enabled
Port Status                : Secure-shutdown
Violation Mode             : Shutdown
Aging Time                 : 0 mins
Aging Type                 : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses      : 1
Total MAC Addresses        : 0
Configured MAC Addresses   : 0
Sticky MAC Addresses       : 0
Last Source Address:Vlan   : 000d.bdd1.3800:1
Security Violation Count   : 1

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of Don Johnston
Don Johnston
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of LB1234
LB1234

ASKER

That worked!  Thanks!  Question.  Why did you include "shut" in there?  Wasn't it already shut down?  And why was turning off port-security necessary?
Avatar of Don Johnston
Don Johnston
Flag of United States of America image
Wasn't it already shut down?
Kind of.  Usually when a port is in a secure violation, it's in what's known as errdisable state. Had you done a "show switchport status", it would have shown that.

To clear the condition, you can do a shut/no shut. But with port security enabled with only a single address being allowed, it would have just gone into a violation again.

As for turning off port security, I made an assumption that was not wanted. Especially since it had a one MAC address limit and it was configured on a trunk port. If you're only going to be allowing a single MAC address, it's pretty unlikely that you would need a trunk.