Friday, May 30, 2008

Port Security on Cisco Switches

Port Security: 1900 Series Switches

1900 Series Switch

1900Switch(config-if)#port secure

Interface will become secure

1900Switch(config-if)#port secure max-mac-count 1

Only one MAC address will be allowed in the MAC table for this interface


2900 Series Switch

2900Switch(config)#int fa0/1

2900Switch(config-if)#port security

2900Switch(config-if)#port security max-mac-count 1

Only one MAC address will be allowed for this interface

2900Switch(config-if)#port security action shutdown

Port will shut down if violation occurs


2950 Series Switch

2950Switch(config)#int fa 0/1

2950Switch(config-if)#switchport port-security

2950Switch(config-if)#switchport port-security mac-address sticky

Interface converts all MAC addresses to sticky secure addressesonly the MAC address learned first will now be accepted on this port

2950Switch(config-if)#switchport port-security maximum 1

Only one MAC address will be allowed for this interface

2950Switch(config-if)#switchport port-security violation shutdown

Port will shut down if violation occurs


Monday, May 26, 2008

Resetting Switch Configuration

Resetting Switch Configuration

1900 Series Switch

1900switch#delete vtp

Removes VLAN Trunking Protocol (VTP) information

1900switch#delete nvram

Resets switch back to factory defaults

1900switch>en


1900switch#reload

Restarts the switch


2900/2950 Series Switch

switch#delete flash:vlan.dat

Removes VLAN database from Flash memory

Delete filename [vlan.dat]?

Press Enter

Delete flash:vlan.dat? [confirm]

Reconfirm by pressing Enter

Switch#erase startup-config

Erases file from NVRAM



Switch#reload

Restarts the switch


Tuesday, May 20, 2008

Configuration Example: EIGRP

Configuration Example: EIGRP

Figure A shows the network topology for the configuration that follows, which shows how to configure EIGRP using the commands covered in this chapter.

Figure 10-1. Network Topology for EIGRP Configuration













Note:

The host name, password, and interfaces have all been configured as per the configuration example in configuring a router section, "Configuration Example: Basic Router Configuration"


Boston Router

Boston>en


Boston#config t


Boston(config)#router eigrp 100

Enables EIGRP routing

Boston(config-router)#no auto-summary

Disables auto summarization

Boston(config-router)#eigrp log-neighbor-changes

Changes with neighbors will be displayed

Boston(config-router)#network 172.16.0.0

Advertises directly connected networks (classful address only)

Boston(config-router)#exit


Boston(config)#exit


Boston#copy run start



Buffalo Router

Buffalo>en


Buffalo#config t


Buffalo(config)#router eigrp 100

Enables EIGRP routing

Buffalo(config-router)#no auto-summary

Disables auto summarization

Buffalo(config-router)#eigrp log-neighbor-changes

Changes with neighbors will be displayed

Buffalo(config-router)#network 172.16.0.0

Advertises directly connected networks (classful address only)

Buffalo(config-router)#Ctrl+Z

Exits back to privileged mode

Buffalo#copy run start



Bangor Router

Bangor>en


Bangor#config t


Bangor(config)#router eigrp 100

Enables EIGRP routing

Bangor(config-router)#no auto-summary

Disables auto summarization

Bangor(config-router)#eigrp log-neighbor-changes

Changes with neighbors will be displayed

Bangor(config-router)#network 172.16.0.0

Advertises directly connected networks (classful address only)

Bangor(config-router)#Ctrl+Z

Exits back to privileged mode

Bangor#copy run start





Tuesday, May 6, 2008

Troubleshooting EIGRP

Troubleshooting EIGRP

Router#debug eigrp fsm

Displays events/actions related to the DUAL FSM

Router#debug eigrp packet

Displays events/actions related to EIGRP packets

Router#debug eigrp neighbor

Displays events/actions related to EIGRP neighbors


Monday, May 5, 2008

Verifying EIGRP

Verifying EIGRP

Router#show ip eigrp neighbors

Displays a neighbor table

Router#show ip eigrp neighbors detail

Displays a detailed neighbor table

Router#show ip eigrp interfaces

Displays information for each interface

Router#show ip eigrp int s 0/0

Displays information for a specific interface

Router#show ip eigrp int 100

Displays information for interfaces running process 100

Router#show ip eigrp topology

Displays the topology table. This command will show you where your feasible successors are

Router#show ip eigrp traffic

Displays the number and type of packets sent and received