We have about 20 Cisco SG500 Switches in our network configured with various VLANs, trunks, ports etc.
We recently needed to install additional network capacity so purchased some SG350X switches as the SG500s are end-of-life.
Whilst getting the SG350X configured and ready to deploy, we noticed some weird network issues on our existing network, specifically Wi-Fi access points and IP phones were broken and no longer.
Our investigation revealed that the configuration of the broken ports had been changed and we suspect that the new SG350X may have been the culprit. We did change the admin password of the switch to match that of our other switches, so does the SG350X have the ability to manage other switches? And if not, any other ideas of how it could have happened? Is there an audit of configuration changes?
An example of a change to a port's configuration is from:
interface gigabitethernet1/1/19
loopback-detection enable
dot1x guest-vlan enable
dot1x port-control auto
description 115
switchport trunk native vlan 210
to:
interface gigabitethernet1/1/19
loopback-detection enable
dot1x guest-vlan enable
dot1x port-control auto
description 115
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
spanning-tree portfast
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
OK, looks like it is due to "Auto Smartports", although it's surprising we've not been affected before.
https://www.cisco.com/c/en/us/td/docs/switches/lan/auto_smartports/12-2_55_se/configuration/guide/asp_cg/concepts.html
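
One way to audit for this kind of change from saved configuration backups, as an added example that is not part of the original post: the script compares two running-config snapshots per interface and flags ports where a macro was applied. The function names are hypothetical, and the sample snapshots are constructed from the port configuration quoted above.

```python
# Constructed snapshots: the port configuration quoted in the post, before and after.
COMMON = """interface gigabitethernet1/1/19
loopback-detection enable
dot1x guest-vlan enable
dot1x port-control auto
description 115
"""
BEFORE = COMMON + "switchport trunk native vlan 210\n"
AFTER = COMMON + """storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
spanning-tree portfast
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type unknown
"""

def parse_interfaces(config):
    """Map each interface name to the set of commands configured under it."""
    blocks, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue  # skip blank lines and '!' comment lines
        if line.lower().startswith("interface "):
            current = line.split(None, 1)[1]
            blocks.setdefault(current, set())
        elif line == "exit":
            current = None  # end of the interface block
        elif current is not None:
            blocks[current].add(line)
    return blocks

def audit(before, after):
    """Return {interface: (added, removed, macro_applied)} for changed ports only."""
    old, new = parse_interfaces(before), parse_interfaces(after)
    report = {}
    for name in sorted(set(old) | set(new)):
        added = new.get(name, set()) - old.get(name, set())
        removed = old.get(name, set()) - new.get(name, set())
        if added or removed:
            macro = any(cmd.startswith("macro ") for cmd in added)
            report[name] = (sorted(added), sorted(removed), macro)
    return report

if __name__ == "__main__":
    print(audit(BEFORE, AFTER))
```

Run against periodic backups of each switch, a port with `macro_applied` set and a removed `switchport trunk native vlan` line matches the change shown in the post.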