07-16-2008 10:07 PM
Hi,
I have got a 1600 router which is not coming with HSEC feature. The router is located on the DMZ area, and as I got one ethernet port free, can I use that as management port? How do I do that please?
Thank you
07-17-2008 12:21 AM
Hi,
Are you configuring it from scratch ?
If yes then, erase the start-up config and reload the router. On reload it will ask you for default setup config . follow that and then it will display a list of interfaces and it will ask you to select the Management interface.
Follow the prompts and then save the config.
07-17-2008 12:26 AM
If you are modifying on the existing config , then suppose f0/0 is the free interface,
give command "default f0/0" in the config mode to reset the interface f0/0 into default.
Now you can configure the IP address for this int. and use it for mgmt.
Also check if there is any access-list under line vty , you would need to modify.
07-17-2008 05:40 PM
Hi,
thanks a lot for the info, the only problem that I got now is stopping this interface from forwarding traffic to other interface (as other interface is traffic within the DMZ-zone)
Is ACL the only way to prevent traffic forwarding from the DMZ-zone to this interface?
Thanks
07-17-2008 10:04 PM
Yes, ACL is the only way.
07-17-2008 10:20 PM
Hi,
Thanks a lot for the advise. I can connect the "port" now to my management network. I have tried the the traffic from other interface is not being forwarded to the the interface. the only trouble now that I still could not send file to tftp server, I might need to modify the access-list a bit.
Any way, thanks a lot for your help.
Kind regards,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide