Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Cisco Switch Configuration Notes

            Modified on Fri, Sep 12, 2025 at 11:37 AM

            NOTE: As of summer 2025, access to Cisco switches is limited to the IT Engineering team.  Consult Engineering if you need a change made on a switch, such as a switchport VLAN change.


            Previously, you could remote into a network switch at any location by opening Putty and logging in with the local ffl-rw account (password in KeePass).  Now, all admins can simply log into a switch with your Windows DAA account credentials (as long as the DAA account is also in the Switch Access security group in AD).


            Open Putty from any machine at the Cleveland data center (the switches are ACL'd to only accept connections from certain IP addresses).  You can use a jumpbox, such as WCLEJump01, BenTest, or another machine in the server or IT (.172) VLANs.


            If you see a # symbol, you are logged in as an admin.


            Most locations (i.e. branches) that have only one switch will usually be found at 192.168.(subnet).2.  Other IPs for locations with multiple switches are listed below:


            172.16.101.2 - LKW server room - rack of 5 switches (5-stack switch) (C1)

                 show switch, will show 5 switches

            172.16.101.4 - LKW Fishbowl closet (C3) - below Treehouse conf room

            172.16.101.5 - LKW QA/PROD/DEV ?


            192.168.3.2 - Westlake Branch (24441 - front entrance)

            192.168.3.4 - Westlake LPO/BCP (24461 - front & back entrance)

            192.168.3.6 - Westlake Basement (24481 - side entrance)

            192.168.3.7 - Westlake Loan Service (24481 3rd floor) - also controls Appraisal (24461 3rd floor)


            OLD:

            172.16.101.3 - LKW HR/Accounting closet (C2) - Cook Road building

            172.16.101.6 - Paisley Monkey (basement / e-scrap room)

            172.16.101.8 - Lakewood Annex (Suite 221)

            172.16.101.9 - Lakewood Annex 2

            172.16.201.1 - LCW 6 CORE switch group (do not touch!)

            192.168.200.3 - LCW 6 CORE (mgmt interface)

            172.16.201.7 - LCW 6 switch (edge stack)

            172.16.201.8 - LCW 7 switch (edge stack)

            192.168.3.3 - Westlake Appraisal Dept. (24481 2nd floor)

            192.168.3.5 - Westlake Detroit branch (old DMARC room)


            To get a list of MAC addresses that are plugged into the switch:

            sLKW1201#show mac add

            SLKW1201#show mac address-table


            To determine the VLAN of a port/show config of interface: show (run) int gi[switch #]/[backplane]/[switch port #]

            e.g. show run int gi1/0/34


            *Adding "run" will give you the running configuration of the switchport.  Show int shows you the condition of the port.


            To change VLAN of a port/interface:

            conf t [to enter configuration terminal to make changes to ports]

            int gi#/0/# [select interface]

            switchport access vlan [current #]

            switchport access vlan [desired VLAN #]

            CTRL-Z [exit configuration]

            show run int gi#/0/# (to confirm result)


            To quickly show the port:

            show mac address-table | i (last 4 of MAC)

            show mac address-table (pipe) inc xxxx


            To do show run int gi... while in configuration:

            do show run int gi1/0/1


            To disable and re-enable a switchport (can help re-establish network connectivity remotely, like unplugging the ethernet cable and plugging it back in after an ipconfig /release && ipconfig /renew):

            conf t

            int gi#0/0#

            shut

            no shut

            Ctrl-Z [to exit configuration]


            wr [write saved changes - ONLY JOEL DOES THIS!]

            (wr me [saves the running configuration to the startup configuration])


            **************************

            To change the VLAN for a Virtual Machine, you can do this in Hyper-V manager on WLKWHV02 (or its appropriate HV server).


            **************************

            Sean C notes:


            type en and press enter to enable editing when connected via serial 


            type a command then press tab, it will complete command being typed. 


            type command -? to show options (service tcp-?)


            000a.aa11.04d6    STATIC      Gi3/0/39


            *************************

            As of September 2023, Radius authentication is now used on all network switches.  


            The Radius Network Policy Servers (NPS):

            - WLKWRAD01 - master server

            - WCOLRAD01 - secondary server in COL


            To get to NPS from the server: In Server Manager --> NPS --> RADIUS Clients


            Radius handles:

            - Authentication (who you are)

            - Authorization (what you have access to do)

            - Accounting (what you did when remoted into the switch)

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0