Management access

DanceGun · ‎07-16-2008

Hi,

I have got a 1600 router which is not coming with HSEC feature. The router is located on the DMZ area, and as I got one ethernet port free, can I use that as management port? How do I do that please?

Thank you

dhananjoy chowdhury · ‎07-17-2008

Hi,

Are you configuring it from scratch ?

If yes then, erase the start-up config and reload the router. On reload it will ask you for default setup config . follow that and then it will display a list of interfaces and it will ask you to select the Management interface.

Follow the prompts and then save the config.

dhananjoy chowdhury · ‎07-17-2008

If you are modifying on the existing config , then suppose f0/0 is the free interface,

give command "default f0/0" in the config mode to reset the interface f0/0 into default.

Now you can configure the IP address for this int. and use it for mgmt.

Also check if there is any access-list under line vty , you would need to modify.

DanceGun · ‎07-17-2008

Hi,

thanks a lot for the info, the only problem that I got now is stopping this interface from forwarding traffic to other interface (as other interface is traffic within the DMZ-zone)

Is ACL the only way to prevent traffic forwarding from the DMZ-zone to this interface?

Thanks

dhananjoy chowdhury · ‎07-17-2008

Yes, ACL is the only way.

DanceGun · ‎07-17-2008

Hi,

Thanks a lot for the advise. I can connect the "port" now to my management network. I have tried the the traffic from other interface is not being forwarded to the the interface. the only trouble now that I still could not send file to tftp server, I might need to modify the access-list a bit.

Any way, thanks a lot for your help.

Kind regards,