Support User Manuals

Cisco Systems 2955 Switch User Manual

Open as PDF

of 674

16-25

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

Chapter 16 Configuring VLANs

Configuring VMPS

You can configure a fallback VLAN name. If you connect a device with a MAC address that is not in the

database, the VMPS sends the fallback VLAN name to the client. If you do not configure a fallback

VLAN and the MAC address does not exist in the database, the VMPS sends an access-denied response.

If the VMPS is in secure mode, it sends a port-shutdown response.

Whenever port names are used in the VMPS database configuration file, the server must use the switch

convention for naming ports. For example, Fa0/4Gi0/17 is fixed Fast Ethernet port number 4Gigabit

Ethernet port number 17. If the switch is a cluster member, the command switch adds the name of the

switch before the type. For example, es3%Fa0/4es3%Gi0/17 refers to fixed Fast Ethernet port number

4Gigabit Ethernet port number 17 on member switch 3. When port names are required, these naming

conventions must be followed in the VMPS database configuration file when it is configured to support

a cluster.

Default VMPS Client Configuration

Table 16-6 shows the default VMPS and dynamic port configuration on client switches.

VMPS Configuration Guidelines

These guidelines and restrictions apply to dynamic access port VLAN membership:

• You should configure the VMPS before you configure ports as dynamic.

• When you configure a port as a dynamic access port, the spanning-tree Port Fast feature is

automatically enabled for that port. The Port Fast mode accelerates the process of bringing the port

into the forwarding state.

• IEEE 802.1X ports cannot be configured as dynamic access ports. If you try to enable IEEE 802.1X

on a dynamic-access (VQP) port, an error message appears, and IEEE 802.1X is not enabled. If you

try to change an IEEE 802.1X-enabled port to dynamic VLAN assignment, an error message

appears, and the VLAN configuration is not changed.

• Trunk ports cannot be dynamic access ports, but you can enter the switchport access vlan dynamic

interface configuration command for a trunk port. In this case, the switch retains the setting and

applies it if the port is later configured as an access port.

You must turn off trunking on the port before the dynamic access setting takes effect.

• Dynamic access ports cannot be monitor ports.

• Secure ports cannot be dynamic access ports. You must disable port security on a port before it

becomes dynamic.

• Dynamic access ports cannot be members of an EtherChannel group.

Ta b l e 16-6 Default VMPS Client and Dynamic Port Configuration

Feature Default Setting

VMPS domain server None

VMPS reconfirm interval 60 minutes

VMPS server retry count 3

Dynamic ports None configured

previous next