Posts in 2012
-
CONTROL Plane Policy
Thursday, June 14, 2012 in Cisco Networking
CBAC and Zone Based FW are all DATA Plane policies. Another type of Security Policies is a Control Plane Policy. This is quite similar to Cisco’s MQC used for the QoS traffic shaping and policing. You can also use the commands like from MQC to …
-
BANNER and MENU Configuration
Wednesday, June 13, 2012 in Cisco Networking
If you need to define a BANNNER to display the user restrictions, have in mind that you can use the variables: $(hostname) $(line) $(domain) You also have an option of creating the DYNAMIC ENTRIES as a banner, and let user use the VARIABLES as a …
-
Etherchannel L2 vs L3
Sunday, June 10, 2012 in Cisco Networking
PAgP (Port Aggregation Protocol) - Cisco Prop. DESIRABLE or AUTO or NONEGOTIATE *in case the link is configured as ACCESS, or the “switchport nonegotiate” command - Protocol Value: 0x0104 - Same multicast group MAC like CDP LACP (Link …
-
Router Security - Best Practices
Wednesday, May 02, 2012 in Cisco Networking
First you should define some RULES for the password definitions. For example - Minimal Password Lenght: (config)#security passwords min-length 7 Permit users to have to wait for 1 minute if they attempt to log in for 3 times, and LOG it: …
-
SNMP
Saturday, April 14, 2012 in Cisco Networking
Send the SNMP traps, Community “Public” to the NMS Server: (config)#snmp-server host 192.168.1.1 traps [Public | Private] If you need to define the VERSION and the COMMUNITY STRING: (config)#snmp-server host 192.168.1.100 traps version 2c …
-
Logging on Cisco IOS Devices
Wednesday, January 25, 2012 in Cisco Networking
Logging is one of the things the Network Engineers are not really fond of, but you need to really understand why and how it needs to be used, for two reasons: 1. Not to miss a major event on a Device. 2. Not to get “overflown” by …