Re: Troubleshooting commands on 3560G or 3750G? Strange issues.

ttrevino1 · ‎06-11-2013

I'm seeing some odd behavior on one of my 3750 switches and was wondering what commands I can use to troubleshoot with? Or use for diagnostic review? The two issues I'm seeing are I use Packettrap switchport mappper and for some reason on this switch, it's not working. I get a "No SNMP response when checking sysObjectId (1.3.6.1.2.1.1.2.0). Check IP and community string" error. Basically it's saying it can't read the IP or community string, which I've confirmed are both correct and the community string matches the other switches, which do work with this software.

The other issue I had last night, (which might be a Desktop Authority or other 3rd party software issue) is I configured a users switchport for a different vlan for some testing we're doing, and I could confirm it would move to the new vlan, but within a minute, it would be back in the original vlan. I moved this port multiple times, and even moved the user to a differernt switchport, made the same change, and it moved back to the original vlan exactly the same!

I plan to reboot the switch stack as they've been up over 2 years and 30 weeks, but I'd like to see if I can figure out what's going on (or there are any reset or clear commands I can use to resolve these issues) before I reboot the switch and lose any diagnostic information.

Thanks in advance for any help, Tony

glen.grant · ‎06-11-2013

If the port is switching vlans it sounds like it is setup for 802.1X authentication.

ttrevino1 · ‎06-11-2013

I don't believe the switch is set up for 802.1x, but how can I confirm? This user is also now on WIndows 7, if this makes any difference? I wouldn't think it would, however, when we were checking her NIC settings, it kept asking for an adminstrator password. Might be a desktop authority thing, but thought it was odd...

Port config:

interface GigabitEthernet1/0/3

switchport access vlan xxx

spanning-tree portfast

Switch config:

version 12.2

no service pad

service timestamps debug datetime msec localtime

service timestamps log datetime localtime

service sequence-numbers

!

aaa new-model

aaa authentication login default group tacacs+ line

aaa authentication login telnet group tacacs+ local

aaa authentication login ssh group tacacs+ local

aaa authentication enable default group tacacs+ enable

aaa authorization exec default group tacacs+ if-authenticated

!

aaa session-id common

switch 1 provision ws-c3750g-48ts

switch 2 provision ws-c3750g-48ts

switch 3 provision ws-c3750g-48ts

ip subnet-zero

!

no file verify auto

spanning-tree mode pvst

spanning-tree portfast default

spanning-tree extend system-id

ip classless

ip http server

ip http authentication aaa

!

logging trap debugging

snmp-server engineID local 000000090200001B0D6803C0

snmp-server enable traps snmp authentication linkdown linkup coldstart

snmp-server enable traps cluster

snmp-server enable traps entity

snmp-server enable traps vtp

snmp-server enable traps mac-notification

snmp-server enable traps config

snmp-server enable traps hsrp

snmp-server enable traps vlan-membership

radius-server source-ports

!

control-plane

!

mac-address-table notification interval 0

mac-address-table notificationip classless

ttrevino1 · ‎06-11-2013

sho dot1x

Sysauthcontrol Disabled

Dot1x Protocol Version 2

Critical Recovery Delay 100

Critical EAPOL Disabled