Troubleshooting MethodologyCCNA 200-301

Physical Layer Troubleshooting — Cable, SFP, and Port Issues

Presenting Symptom

A workstation in the sales department cannot access the network; the link LED on the switch port is off, and the interface shows 'down/down'.

Network Context

Small branch office with a single Cisco Catalyst 2960 switch (IOS 15.2) connecting 50 workstations. The switch uplinks to a Cisco 4321 ISR router via a GigabitEthernet SFP port. The affected workstation is connected to port Gi0/24 with a Cat6 cable. The rest of the network is operational.

Diagnostic Steps

Check interface status

show interfaces GigabitEthernet0/24

GigabitEthernet0/24 is down, line protocol is down (notconnect)

The interface is administratively up but physically down. 'notconnect' indicates no cable or device detected. If it were 'disabled', it would be administratively down.

Inspect cable and connection

Visually inspect the cable, check for loose connection, bent pins, or damage. Try a known-good cable.

Cable appears intact; reseating does not change LED status.

If cable replacement resolves the issue, the cable is faulty. If not, proceed to check the port and device.

Check SFP module (if applicable for uplink, but here for workstation port it's copper; skip to next step)

show interfaces transceiver

Not applicable for copper port; skip.

For SFP ports, check if transceiver is present and operational. For copper, move on.

Verify device power and NIC status

Check if the workstation is powered on and the NIC is enabled. On Windows, run 'ipconfig /all'.

Ethernet adapter Local Area Connection: Media State . . . : Media disconnected

Media disconnected indicates no link from the NIC side. If the NIC is disabled or faulty, enable or replace it.

Check for port security or errdisable

show interfaces status err-disabled

Port      Name               Status       Reason
Gi0/24    Sales-PC           err-disabled psecure-violation

If the port is err-disabled due to a security violation, it will not come up. Clear the errdisable state and reconfigure port security.

Root Cause

The switch port Gi0/24 is in err-disable state due to a port security violation. A device with a different MAC address was connected, triggering the violation. The port is shut down and requires manual or automatic recovery.

Resolution

1. Identify the violation: 'show port-security interface GigabitEthernet0/24' 2. Clear the errdisable state: 'clear errdisable interface GigabitEthernet0/24' 3. Reconfigure port security with the correct MAC address or disable it if not needed: - To set sticky MAC: 'switchport port-security mac-address sticky' - To allow multiple MACs: 'switchport port-security maximum 2' - To disable port security: 'no switchport port-security' 4. Re-enable the interface: 'shutdown' then 'no shutdown'

Verification

Run 'show interfaces GigabitEthernet0/24' and 'show interfaces status'. Expected output: GigabitEthernet0/24 is up, line protocol is up (connected) Port Name Status Vlan Gi0/24 Sales-PC connected 10 Also verify link LED is green.

Prevention

1. Use 'switchport port-security mac-address sticky' to automatically learn and secure the first MAC address. 2. Set a maximum MAC address count appropriate for the device type (e.g., 1 for a PC). 3. Configure errdisable recovery to automatically re-enable ports after a timeout: 'errdisable recovery cause psecure-violation' and 'errdisable recovery interval 300'.

CCNA Exam Relevance

On the CCNA 200-301 exam, this scenario appears in troubleshooting questions where a port is down/down. Candidates must know how to interpret 'show interfaces' output, identify errdisable causes, and use 'show port-security'. The exam may present a multiple-choice question asking why a port is down or a drag-and-drop to sequence troubleshooting steps.

Exam Tips

Memorize the 'show interfaces' output: 'up/up' is good, 'down/down' is physical issue, 'up/down' is layer 2 issue.

Know that errdisable can be caused by port security, BPDU guard, UDLD, etc. Use 'show interfaces status err-disabled' to see the reason.

Remember the command 'clear errdisable interface <int>' to recover a port without reloading the switch.

Commands Used in This Scenario

show interfaces

Displays detailed status and statistics for all interfaces or a specific interface, used to verify interface operational state, errors, and performance.

show interfaces status

Displays a summary of all switch interfaces including their status, VLAN, duplex, speed, and type, used to quickly verify interface connectivity and configuration.

show port-security

Displays the port security configuration and status on switch interfaces, used to verify and troubleshoot port security settings.

Test Your CCNA Knowledge

Practice with scenario-based questions to prepare for the CCNA 200-301 exam.

Practice CCNA Questions