Cisco Cisco IOS Software Release 12.2(35)SE
32
Release Notes for the Catalyst 3750, 3560, 2970, and 2960 Switches, Cisco IOS Release 12.2(25)SEE
OL-8556-01
Open Caveats
Beginning in privileged EXEC mode, follow these steps to configure the HTTP server interface:
•
If you use Internet Explorer Version 5.5 and select a URL with a nonstandard port at the end of the
address (for example, www.cisco.com:84), you must enter http:// as the URL prefix. Otherwise, you
cannot launch the device manager.
address (for example, www.cisco.com:84), you must enter http:// as the URL prefix. Otherwise, you
cannot launch the device manager.
Open Caveats
This section describes the open caveats with possible unexpected activity in this software release. Unless
otherwise noted, these severity 3 Cisco IOS configuration caveats apply to the Catalyst 3750, 3560,
and 2970, and 2960 switches and to Cisco EtherSwitch service modules:
otherwise noted, these severity 3 Cisco IOS configuration caveats apply to the Catalyst 3750, 3560,
and 2970, and 2960 switches and to Cisco EtherSwitch service modules:
•
CSCea80105
When a Cisco IP Phone is connected to the switch, its MAC address is learned on both the port
VLAN identification (PVID) and the voice VLAN identification (VVID). However, when the
dynamic MAC addresses are either manually or automatically removed due to a topology change or
enabling or disabling the port security or IEEE 802.1x feature, the Cisco IP Phone's MAC address
will only be re-learned on the VVID. This occurs when the Cisco IP Phone is connected to a Cisco
Catalyst 2970, 3560, or 3750 and the Cisco IP Phone is using software without the fix for
CSCed84163.
VLAN identification (PVID) and the voice VLAN identification (VVID). However, when the
dynamic MAC addresses are either manually or automatically removed due to a topology change or
enabling or disabling the port security or IEEE 802.1x feature, the Cisco IP Phone's MAC address
will only be re-learned on the VVID. This occurs when the Cisco IP Phone is connected to a Cisco
Catalyst 2970, 3560, or 3750 and the Cisco IP Phone is using software without the fix for
CSCed84163.
When configured for a Voice VLAN, the phone sends untagged Cisco Discovery Protocol (CDP)
packets and tagged voice packets. All frames from any devices connected to the Cisco IP Phone are
sent tagged with the access VLAN ID. Catalyst 2970, 3560, and 3750 switches do not populate the
secure address-table with the source MAC address from CDP packets.
packets and tagged voice packets. All frames from any devices connected to the Cisco IP Phone are
sent tagged with the access VLAN ID. Catalyst 2970, 3560, and 3750 switches do not populate the
secure address-table with the source MAC address from CDP packets.
The workaround is that when using Cisco IP Phones with the fix for CSCed84163 and port-security
configured on the switchport, configure switches with one secure address for the phone, plus
additional MAC addresses for any devices connected to the Cisco IP Phone.
configured on the switchport, configure switches with one secure address for the phone, plus
additional MAC addresses for any devices connected to the Cisco IP Phone.
•
CSCef84975 (Cisco EtherSwitch service modules)
Phone detection events that are generated by many IEEE phones connected to the switch ports can
consume a significant amount of CPU time if the switch ports cannot power the phones because the
internal link is down.
consume a significant amount of CPU time if the switch ports cannot power the phones because the
internal link is down.
The workaround is to enter the power inline never interface configuration command on all the Fast
Ethernet ports that are not powered by but are connected to IP phones if the problem persists.
Ethernet ports that are not powered by but are connected to IP phones if the problem persists.
Command Purpose
Step 1
configure terminal
Enter global configuration mode.
Step 2
ip http authentication {enable | local |
tacacs}
tacacs}
Configure the HTTP server interface for the type of authentication that
you want to use.
you want to use.
•
enable—Enable password, which is the default method of HTTP
server user authentication, is used.
server user authentication, is used.
•
local—Local user database, as defined on the Cisco router or access
server, is used.
server, is used.
•
tacacs—TACACS server is used.
Step 3
end
Return to privileged EXEC mode.
Step 4
show running-config
Verify your entries.