Good evening Jason, I hope all is well.
Not sure if you still have access to the equipment to test this with ... I
do not have any lan-lite switches ... , but I have a 2960 in addition to
some other switches.
Have you default an interface and then apply a smart-port macro? Your
config below appears to be a mixture of smart-port and manual configs ...,
not sure if I am seeing this right.
From the CLI:
Type in "*show parser macro*" to see which macros are already built for you
and which ones are right for your enviroment. In your case, apply the one
for cisco-phone, and then configure the voice vlan. If the data vlan is
different, you will need to configure this as well ... no biggie. This
should be it for that port. Take a look at the configs for that port after
you apply the smart-port and voice vlan.
Here is a link:
http://www.cisco.com/en/US/partner/docs/switches/lan/catalyst2960/software/release/12.2_37_ey/configuration/guide/swmacro.html
You should see the QoS and security applied for you. You can always go back
and change any setting you do not want ... but most of the heavy lifting is
done for you.
You can also do this from the GUI or CNA, just make sure the port has been
reset to default first.
HTH,
Andrew Lee LIssitz
On Sat, Jul 18, 2009 at 3:24 PM, Jason Aarons <jaarons_at_hotmail.com> wrote:
> I ve been burned a few times by Port-Security and having ports err-disabled
> due to it any thoughts on this template for my 2960 switches. Came from the
> WebGUI port-macro thing .unfortunately this is from remote lab and I don t
> have anything in front of me to test;
>
> config
> !
> udld aggressive
> !
> mls qos srr-queue output cos-map queue 1 threshold 3 5
> mls qos srr-queue output cos-map queue 2 threshold 3 3 6 7
> mls qos srr-queue output cos-map queue 3 threshold 3 2 4
> mls qos srr-queue output cos-map queue 4 threshold 2 1
> mls qos srr-queue output cos-map queue 4 threshold 3 0
> !
> mls qos rewrite ip dscp
> !
> macro global description cisco-global
> !
> errdisable recovery cause link-flap
> errdisable recovery interval 60
> !
> spanning-tree mode rapid-pvst
> spanning-tree loopguard default
> mls qos rewrite ip dscp
> !
> interface range f0/1 48
> description Host/IP Phone
> no shutdown
> switchport access vlan 2
> switchport mode access
> switchport voice vlan 3
> switchport port-security maximum 2
> switchport port-security
> switchport port-security aging time 2
> switchport port-security violation restrict
> switchport port-security aging type inactivity
> mls qos trust cos
> spanning-tree bpduguard enable
> macro description cisco-phone
> spanning-tree portfast
> end
>
>
> We plug in phones, then PC to back of phone. Also I m thinking for
> 7911/79411
> phones I should have just mls qos trust . Also the LAN Lite 2960 doesn t
> have
> auto-qos voip Cisco-phone so I have to manully set qos You get what
> you
> pay for .
>
>
>
>
>
>
>
>
> EMAILING FOR THE GREATER GOOD
> Join me
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>
-- Andrew Lee Lissitz all.from.nj_at_gmail.com Blogs and organic groups at http://www.ccie.netReceived on Sun Jul 19 2009 - 20:16:08 ART
This archive was generated by hypermail 2.2.0 : Sat Aug 01 2009 - 13:10:22 ART