I totally agree with Josh. It sounds like portfast is disabled, causing spanning tree to block the ports for about 50 seconds until it puts them in a FORWARD state.

I have no idea where to find it in the configuration utility.

To do it from the CLI

Conf t

int fa0/1

spanning portfast

int fa0/2

spanning portfast

.

.

.

etc

I'm not sure where to find it in the http server configuration for a 2950.

Is there a command to set all ports to the portfast setting? I think I need to crack open the manual. I know what I need to do now, Thanks everyone.

To apply this to all non-trunk ports add the following line to globa configuration:

spanning-tree portfast default

Andy

for further knowledge, if you want to set commands on a certain set of ports use the range command,

switch(config)#int range fa0/1 - 24

switch(config-range)#spanning-tree portfast

or whatever you need to do. For port security we disble all ports that we do not have cables in. So I generally shut down the last 5 or 10 ports on a switch using range command.

Why do you disable the non used ports? Is that so anyone walking up to a switch with a laptop or other device cannot plug in and use it?

pretty much. basically it is a CYA move. What we found was happening was a pc would get infected with a virus, have unauthorized software, or another security violation. We would disable that users port until a tier-2 tech could go out to fix the issue. We found that users we getting into our switch room (or non-thinking techs) and plugging the drop into a unused port and bypassing our port block.

Overall I thought it was a horrible process but hey I work for the govt so its bound to have backwards processes. But out of that we decided to disable all unused ports. That way if our "security measures" get bypassed we have something to cover our butts with, and reason to ask for money for individual lock boxes for the access layer switches.