Re: Failed Upgrade SG350 20-Port from Firmware v2.5.5.47 to v2.5.9.15

indianajones111 · ‎01-02-2023

I own a SG350-Port 20 Managed Switch. I recently upgrade my firmware from v2.5.5.47 to 2.5.9.15, with the firmware itself, allowing me to log back into the device. However, after the upgrade, my network stopped working. After reloading my startup-config.txt and rebuilding from scratch, I cannot get my old configuration of my VLANs to run. In addition, the port utilization stays at 0%. I use a Firewalla Gold to manage my DHCP/IP addresses. This has worked before this upgrade.

Here is a copy of my startup-config.txt below. What am I doing wrong?

config-file-header
CiscoSwitch
v2.5.5.47 / RTESLA2.5.5_930_364_286
CLI v1.0
file SSD indicator excluded
@
!
unit-type-control-start 
unit-type unit 1 network gi uplink none 
unit-type-control-end 
!
vlan database
vlan 10,20,30,40,50,60,70 
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone
voice vlan oui-table add 00036b Cisco_phone
voice vlan oui-table add 00096e Avaya
voice vlan oui-table add 000fe2 H3C_Aolynk
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone
voice vlan oui-table add 00e075 Polycom/Veritel_phone
voice vlan oui-table add 00e0bb 3Com_phone
loopback-detection enable 
link-flap prevention disable 
bonjour interface range vlan 1
qos advanced 
policy-map "QoS Policy"
exit
hostname CiscoSwitch
logging host 192.168.46.183 port 513 facility local1 
logging aggregation on
username rhettsaunders password encrypted ec43f3abffe97977628675dcaaf26985386889f3 privilege 15 
ip ssh server
snmp-server server
snmp-server engineID local 80000009033c57312b66c3
snmp-server location "Maintenance Closet"
snmp-server contact "Rhett Saunders"
snmp-server filter ifMIB iso included 
snmp-server filter ifMIB ifMIB included 
snmp-server filter Transmission iso included 
snmp-server filter Transmission transmission included 
snmp-server filter "Interface Info" iso included 
snmp-server filter "Interface Info" interfaces included 
snmp-server community-group saunders saunders 172.24.1.122 
snmp-server host 172.24.1.163 traps version 2c public 
snmp-server group saunders v3 priv 
!
snmp-server source-interface traps vlan 1 
snmp-server source-interface informs vlan 1 
no ip http server
clock timezone DEN -7
clock summer-time web recurring usa 
clock dhcp timezone
!
interface vlan 1
name Default 
!
interface vlan 10
name "Main Network" 
!
interface vlan 20
name "Internet of Things" 
!
interface vlan 30
name "Boys' Computers" 
!
interface vlan 40
name "Laptops, Desktops & Printer" 
!
interface vlan 50
name "Tablets & Smart Phones" 
!
interface vlan 60
name Honeypot 
!
interface vlan 70
name "Lorex NVR" 
!
interface GigabitEthernet1
flowcontrol auto 
description "Master Bedroom EAP"
spanning-tree link-type point-to-point 
switchport mode trunk 
switchport trunk native vlan 10 
switchport trunk allowed vlan 2-29,31-69,71-4094 
macro description "switch "
!next command is internal.
macro auto smartport dynamic_type unknown 
!
interface GigabitEthernet2
flowcontrol auto 
description "Rec Room EAP"
spanning-tree link-type point-to-point 
switchport mode trunk 
switchport trunk native vlan 10 
switchport trunk allowed vlan 2-29,31-4094 
macro description "switch "
!next command is internal.
macro auto smartport dynamic_type unknown 
!
interface GigabitEthernet3
flowcontrol auto 
spanning-tree link-type point-to-point 
switchport mode trunk 
switchport protected-port 
switchport trunk allowed vlan 2-9,11-19,21-29,31-39,41-49,51-59,61-69,71-4094 
macro description "switch "
!next command is internal.
macro auto smartport dynamic_type unknown 
!
interface GigabitEthernet4
flowcontrol auto 
description "Butlers Pantry EAP"
spanning-tree link-type point-to-point 
switchport mode trunk 
switchport access vlan 40 
switchport trunk native vlan 10 
switchport trunk allowed vlan 2-29,31-69,71-4094 
macro description "switch "
!next command is internal.
macro auto smartport dynamic_type unknown 
!
interface GigabitEthernet5
flowcontrol auto 
description "Maintenance Closet Deco"
spanning-tree link-type point-to-point 
switchport mode trunk 
switchport trunk native vlan 10 
switchport trunk allowed vlan 2-29,31-69,71-4094 
macro description "switch "
!next command is internal.
macro auto smartport dynamic_type unknown 
!
interface GigabitEthernet6
description "Bitdefender Box"
switchport access vlan 30 
!
interface GigabitEthernet7
flowcontrol auto 
negotiation preferred master 
spanning-tree link-type point-to-point 
switchport mode trunk 
switchport protected-port 
switchport trunk allowed vlan 2-9,11-19,21-29,31-39,41-49,51-59,61-69,71-4094 
macro description switch
!next command is internal.
macro auto smartport dynamic_type switch 
!
interface GigabitEthernet8
spanning-tree link-type point-to-point 
switchport mode trunk 
switchport protected-port 
switchport trunk allowed vlan 2-9,11-19,21-29,31-39,41-49,51-59,61-69,71-4094 
macro description switch
!next command is internal.
macro auto smartport dynamic_type switch 
!
interface GigabitEthernet9
description "Family Room Netgear Switch"
switchport access vlan 20 
!
interface GigabitEthernet10
description RussianBlue
switchport access vlan 10 
!
interface GigabitEthernet11
description "Beastmaster NIC #1"
switchport access vlan 10 
!
interface GigabitEthernet12
description "Beastmaster NIC #2"
spanning-tree disable 
switchport access vlan 10 
!
interface GigabitEthernet13
description "Beastmaster NIC #3"
switchport access vlan 10 
!
interface GigabitEthernet14
description "Beastmaster NIC #4"
switchport access vlan 10 
!
interface GigabitEthernet15
description "Lorex NVR"
switchport access vlan 70 
!
interface GigabitEthernet16
description "Xfinity Modem Reset Device"
switchport access vlan 20 
!
interface GigabitEthernet17
description "Firewalla NIC #3"
storm-control broadcast kbps 100000 
storm-control unicast kbps 100000 
storm-control multicast kbps 100000 
spanning-tree link-type point-to-point 
switchport mode trunk 
switchport trunk allowed vlan 1-29,31-4094 
macro description switch
!next command is internal.
macro auto smartport dynamic_type switch 
!
interface GigabitEthernet18
description "Firewalla NIC #1"
storm-control broadcast kbps 100000 
storm-control unicast kbps 100000 
storm-control multicast kbps 100000 
spanning-tree link-type point-to-point 
switchport mode trunk 
switchport trunk allowed vlan 2-9,11-19,21-39,41-49,51-59,61-69,71-4094 
macro description switch
!next command is internal.
macro auto smartport dynamic_type switch 
!
interface GigabitEthernet19
switchport protected-port 
!
interface GigabitEthernet20
switchport protected-port 
!
exit
banner login 
All actions are recorded.


banner exec 
All actions are recorded.


macro auto processing type host enabled 
ip source-guard 
monitor session 1 destination interface GigabitEthernet12 network 
monitor session 1 source vlan 10 
monitor session 1 source vlan 20 
monitor session 1 source vlan 30 
monitor session 1 source vlan 40 
monitor session 1 source vlan 50 
monitor session 1 source vlan 60 
monitor session 1 source vlan 70

balaji.bandi · ‎01-02-2023

what is the reason for the upgrade, any bug fixes or cisco suggestions?

try resetting to the factory again with the latest firmware and testing it.

if not I will advise going back to the old firmware as working and raising the SMB tac case.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

indianajones111 · ‎01-02-2023

Thank you BB for the swift response. As a cybersecurity professional, I try to maintain the latest firmware upgrades to stay ahead of threat actors. I will follow your instructions and see if that works.