Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
791
Views
10
Helpful
6
Replies

Automatically disable a switchport

dario.didio
Level 4
Level 4

‎02-06-2019 12:13 AM - edited ‎03-08-2019 05:15 PM

Hi all,

We have some VoIP phones located in public hallways.

For security reasons, we want the switchport to go into shut or err-disabled once the port goes down; eg when someone disconnects the phone from it's cable.

I assume this could be accomplished by an EEM script, but because the switch is a Cat2960X, EEM is not supported.

Anyone has an alternative idea to accomplish this?

 

Thanks!

Labels:
0 Helpful
6 Replies 6

Leo Laohoo
Hall of Fame
Hall of Fame

‎02-06-2019 12:20 AM

@dario.didio wrote:

but because the switch is a Cat2960X, EEM is not supported.

2960X supports EEM as long as it's loaded with 15.2 firmware.

dario.didio
Level 4
Level 4
In response to Leo Laohoo

‎02-06-2019 12:43 AM

Hi,
according to the feature navigator, it does not support EEM.
Also, when I try to configure it, the CLI doesn't accept the commands.
We're running 15.2.2.E6
0 Helpful

dario.didio
Level 4
Level 4
In response to dario.didio

‎02-06-2019 12:57 AM

Apparently it was introduced in 15.2.4E:

Features Introduced in Cisco IOS Release 15.2(4)E
(LAN Base for Catalyst 2960-X switches; IP Lite for Catalyst 2960-XR switches) Support for Embedded Event Manager (EEM).
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960x/software/15-2_4_e/releasenotes/rn-1524e-2960x-xr.html#pgfId-246822
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎02-06-2019 12:21 AM

Dont have 2960 available for me to test, if the EEM not supported you have 2 options.

 

1. TCL Script should able to do this task, if you are familiar.

2. or any NMS - solarwinds can able to do this task using SNMP based on traps.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

balaji.bandi
Hall of Fame
Hall of Fame

‎02-06-2019 12:22 AM

I do not have 2960 available for me to test, if the EEM not supported you have 2 options.

 

1. TCL Script should able to do this task, if you are familiar.

2. or any NMS - solarwinds can able to do this task using SNMP based on traps.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Georg Pauwen
VIP
VIP

‎02-06-2019 01:14 AM

Hello,

 

on a side note, I guess what you want to accomplish is that random unauthorized people disconnect the phone and connect some other device to the switchport ? If so, you could also just enable port security and statically configure the port with the MAC address of the phone (save the running config to the startup config). The statically configured MAC address will never age out, so no other device than the originally connected phone will ever be able to connect. That has the advantage of not requiring any sort of manual intervention.

 

2960X(config-if)# switchport port-security mac-address a3cc.09fg.ccf6

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card