Giuseppe Larosa Tue, 11/11/2008 - 02:12
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Baajee,

be aware that aaa commands specify how remote control is done


aaa new-model

aaa authentication login default local-case

!

aaa session-id common


this tells allow access using local case sensitive username/pwd pair(s)


this specifies SSH version 2:


ip ssh version 2

! keys for SSH

cry key generate rsa general-keys modulus 1024


! encrypts passwords

service password-encryption


! useful command for troubleshooting keep them

service timestamps debug datetime msec localtime

service timestamps log datetime msec localtime


! the VTP commands say this switch receives

! the vlan database from outside

vtp mode client

vtp version 2

vtp domain mydomain

vtp password VTPpassword1


if you deploy it in standalone change in

vtp mode server


this is the only change I would do at the beginning

check the line vty config to see what protocols are allowed (telnet and SSH or only SSH ?)

You may want to enable telnet in a lab environment.


a free SSH client

http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html


Hope to help

Giuseppe







bishnbaajee Tue, 11/11/2008 - 02:35
User Badges:

Thank you Giuseppe....one more thing, i have to config two core (4500) switches and six access swithces (2960)in High availabity mode, in this case which one would be VTP server.

-baajee

Jon Marshall Tue, 11/11/2008 - 03:21
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Baajee


I would make your 2 4500 switches the VTP servers and the 2960 switches the clients. It is good to have 2 switches as VTP server for redundancy. When you want to add/modify/delete vlans you will only need to make changes on one of the VTP server switches.


Jon

bishnbaajee Tue, 11/11/2008 - 03:32
User Badges:

Thnak you Jon,

but I am planning to config both 4500 switches in active/active mode using GLBP. Will it work in that case..

-baajee

Jon Marshall Tue, 11/11/2008 - 03:37
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Baajee


Yes, the 2 are not linked at all. VTP is merely used to send vlan information to all switches. When you use VTP server/client setup it is a time saver in that you only have to create the vlan on one switch and that vlan is then available on all your switches. VTP works at L2 whereas GLBP is L3. The 2 can happily coexist on the same switches.


Jon

Actions

This Discussion