Filter
Top Products
5-13
Catalyst 2940 Switch Software Configuration Guide
78-15507-02
Chapter 5 Clustering Switches
Planning a Switch Cluster
If you change the member-switch password to be different from the command-switch password and save
the change, the switch is not manageable by the command switch until you change the member-switch
password to match the command-switch password. Rebooting the member switch does not revert the
password back to the command-switch password. We recommend that you do not change the
member-switch password after it joins a cluster.
For more information about passwords, see the “Preventing Unauthorized Access to Your Switch”
section on page 7-1.
For password considerations specific to the Catalyst 1900 and Catalyst 2820 switches, refer to the
installation and configuration guides for those switches.
SNMP Community Strings
A member switch inherits the command-switch first read-only (RO) and read-write (RW) community
strings with @esN appended to the community strings:
• command-switch-readonly-community-string@esN, where N is the member-switch number.
• command-switch-readwrite-community-string@esN, where N is the member-switch number.
If the command switch has multiple read-only or read-write community strings, only the first read-only
and read-write strings are propagated to the member switch.
The switches support an unlimited number of community strings and string lengths. For more
information about SNMP and community strings, see Chapter 23, “Configuring SNMP.”
For SNMP considerations specific to the Catalyst 1900 and Catalyst 2820 switches, refer to the
installation and configuration guides specific to those switches.
TACACS+ and RADIUS
Inconsistent authentication configurations in switch clusters cause CMS to continually prompt for a user
name and password. If Terminal Access Controller Access Control System Plus (TACACS+) is
configured on a cluster member, it must be configured on all cluster members. Similarly, if Remote
Authentication Dial-In User Service (RADIUS) is configured on a cluster member, it must be configured
on all cluster members. Further, the same switch cluster cannot have some members configured with
TACACS+ and other members configured with RADIUS.
For more information about TACACS+, see the “Controlling Switch Access with TACACS+” section on
page 7-9. For more information about RADIUS, see the “Controlling Switch Access with RADIUS”
section on page 7-16.
Access Modes in CMS
CMS provides two levels of access to the configuration options: read-write access and read-only access.
Privilege levels 0 to 15 are supported.
• Privilege level 15 provides you with read-write access to CMS.
• Privilege levels 1 to 14 provide you with read-only access to CMS. Any options in the CMS
windows, menu bar, toolbar, and popup menus that change the switch or cluster configuration are
not shown in read-only mode.
• Privilege level 0 denies access to CMS.