cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
13241
Views
5
Helpful
9
Replies

Add unmanaged switch to Catalyst: how to set up the port?

Hello everybody.

As I'm quite new to this kind of things, I'll ask here for help.

Needing to temporarily add a switch to an existing network, I have a 5-port unmanaged switch which I should connect to a Catalyst switch. My question is: how would I need to configure the Catalyst port on which I'll connect the unmanaged switch?

My thoughts have been so far:

  • as the switch is unmanaged, it is probably not supporting STP and thus not sending nor receiving BPDUs, right?
  • if the above is correct, I do not need to set the Catalyst port to be a trunk-port, right?

What would be the minimum configuration to apply to that Catalyst port?

TIA and kind regards,

F.

2 Accepted Solutions

Accepted Solutions

It will put it in error-disabled state only if the switchport port-security maximum is configured on the port. By default it's not so you shouldn't have a problem.

View solution in original post

Hi

The configuration which I wrote is for the Catalyst switch. You will connect the unmanaged switch to the port configured in this ways. You do not configure unmanaged switch.

I am suggesting "access mode" because:

- I assume that you will connect PCs to that switch and all those PCs (let's say 8) are supposed to access your production LAN - for example vlan 3. In such case the access mode is the way to go.

- Unmanged switch does not support trunking - this is what I think but I did not check it - so do not call me on that one.

The bpduguard is just in case. You do not have to put it. If you configure it and in the future someone will connect switch which will be able to generate BPDUs the port will shut itself down - and you will know about it. You do not have to configure it.

View solution in original post

9 Replies 9

Leo Laohoo
Hall of Fame
Hall of Fame

1.  Disable STP Portfast on the port.

2.  Try with trunk first.  If it doesn't work then use access port.

Hello and thanks for your feedback.

Wouldn't an access port shut down, if it would "see" more than 1 MAC Address?

F.

It will put it in error-disabled state only if the switchport port-security maximum is configured on the port. By default it's not so you shouldn't have a problem.

Wouldn't an access port shut down, if it would "see" more than 1 MAC Address?

Port will shut down if you use "bpduguard enable" statement.

marcinwojcik
Level 1
Level 1

Hi

Under the interface connected to the switch run following commands:

1. switchport mode access

2. switchport access vlan vlanNo

3. no spanning-tree porfast *you need this only if portfast had been configured before*

4. spanning-tree bpduguard enable *this will put the interface into errpr-disabled state if it gets the BPDUs*

That should do the job.

Hello Marcin.

Why are you suggesting to use "access mode" on the Catalyst port, instead of "trunk mode"?

And why should I enable bpduguard on a port on which I will connect a switch (although an *unmanaged* one)?

Thanks in advance for your explanations.

F.

Hi

The configuration which I wrote is for the Catalyst switch. You will connect the unmanaged switch to the port configured in this ways. You do not configure unmanaged switch.

I am suggesting "access mode" because:

- I assume that you will connect PCs to that switch and all those PCs (let's say 8) are supposed to access your production LAN - for example vlan 3. In such case the access mode is the way to go.

- Unmanged switch does not support trunking - this is what I think but I did not check it - so do not call me on that one.

The bpduguard is just in case. You do not have to put it. If you configure it and in the future someone will connect switch which will be able to generate BPDUs the port will shut itself down - and you will know about it. You do not have to configure it.

Back I am and I did it without having to configure anything on the Catalyst port.

In fact, the port actually remained in its "access mode", maintained also its "bpduguard" and the vlan assignment.

Everything is working fine!

Thanks everybody!

F.

I have configure this as stated and cannot obtain an IP address from a dhcp server connected to random port on the dumb switch. I have port 0/24 and port 0/13 set as below. the dhcp server is on the "native Vlan"?

 

2960-24-SFSCS#sh run int fa0/24
Building configuration...

Current configuration : 85 bytes
!
interface FastEthernet0/24
switchport access vlan 20
switchport mode access
end

2960-24-SFSCS#sh run int fa0/13
Building configuration...

Current configuration : 85 bytes
!
interface FastEthernet0/13
switchport access vlan 20
switchport mode access
end

2960-24-SFSCS#

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco