07-27-2022 03:25 AM - edited 07-27-2022 03:26 AM
Hi,
when a stack of C3650 reloads due to a power issues few times, all access ports change to disabled and parts of port configuration are missing. 4 x stacks, all configured globally the same, only 1 of 4 switch gets this issue, all other 3 are OK. Version 16.12.04 there is no more source template attached to the port configuration ... configuration is done with Prime Jobs and workaround is to reconfigure all ports manually.
we use port templates, here standard config:
interface GigabitEthernet3/0/3
switchport mode access
device-tracking attach-policy UI-access-port
no logging event link-status
speed auto 10 100
no cdp enable
access-session closed
no snmp trap link-status
source template UI_Peak
spanning-tree portfast
depending on ISE authentication of client device, the ports assigns auto its config from template pool example:
template UI_Peak
dot1x pae authenticator
spanning-tree portfast
spanning-tree guard root
switchport access vlan 5
switchport mode access
switchport voice vlan 7
mab
access-session port-control auto
authentication periodic
authentication timer reauthenticate server
service-policy type control subscriber DOT1X-FALLBACK
description secured
!
template UI_Access or WiFi etc
storm-control broadcast level 2.50
storm-control action trap
spanning-tree bpduguard enable
switchport mode access
authentication periodic
authentication timer reauthenticate server
service-policy input PMARKING
service-policy output out_small_Que
description Access WiFi-AP
!
this is how it should look like afterwards:
#sh derived-config int gi3/0/3
description secured
switchport access vlan 5
switchport mode access
switchport voice vlan 7
device-tracking attach-policy UI-access-port
no logging event link-status
speed auto 10 100
no cdp enable
authentication periodic
authentication timer reauthenticate server
access-session closed
access-session port-control auto
mab
no snmp trap link-status
dot1x pae authenticator
spanning-tree portfast
spanning-tree guard root
service-policy type control subscriber DOT1X-FALLBACK
after reboot:
switchport mode access
device-tracking attach-policy UI-access-port
no logging event link-status
shutdown
end
may you help us find where the issue is ?
Regards
07-27-2022 03:39 AM
07-27-2022 04:00 AM
Stop using 16.12.4.
Upgrade to 16.12.7 if you need to use 16.12.X.
Otherwise, use 16.6.X.
07-29-2022 05:24 AM
This is not possible with our current version PI3.6, since the undersized flash of the platforms we have to upgrade - first would have to be deleted more deeply than the Prime can do
07-27-2022 04:13 AM
If the port goes into shutdown mode immediately after a reboot of the switch, the probable cause is the port security setting. If unicast flooding is enabled on that port, it can cause the port to shut down after a reboot. Cisco recommends that you disable the unicast flooding because it also ensures that no flooding occurs on the port once the MAC address limit is reached.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide