Solved: Question about slick ways to config interfaces and about mac security

iceteanolemon · ‎12-24-2009

I am just getting to see the forum and want to ask two questions about interface config and mac security. These are not related but I just wanted to see if anyone had any tips on making life easy....

Interface configs:

Right now when I go to config an interface and it is full of settings I want to remove I will issue a no switchport then switchport then no in front of the settings or default them. I was wondering if there is a one step way to clear or default an interface without having to remove each piece separately. In a perfect word I would have some type of command like "clear interface" or something and it would just erase everything inside that particular interface config. is there anything like that out there?

Mac security:

Is there any way to employ mac security with a wildcard or something? I want to do mac security but I just want to allow one vendor or possibly two vendors. I don't see a way other than carrying a mac database or sticky addresses. maybe some type smartport macros with triggers, I dunno.

Anyone have any secret tricks to share?

Im working with 3750's and my devices are ip phones lwapps soho switches stuff like that....

Thanks,

Ben

Reza Sharifi · ‎12-24-2009

Hello Ben,

If you issue:

default interface fastEthernet 0/45

It will reset the interface back to default with no config on it

example:

Before the command was issued

Management-Switch#sh run interface fastEthernet 0/45
Building configuration...

Current configuration : 101 bytes
!
interface FastEthernet0/45
description test
bandwidth 1000000
no ip address
no cdp enable
end

Management-Switch(config)#default interface fastEthernet 0/45
Interface FastEthernet0/45 set to default configuration

After the command was issued

Management-Switch#sh run interface fastEthernet 0/45
Building configuration...

Current configuration : 49 bytes
!
interface FastEthernet0/45
no ip address
end

HTH

Reza

View solution in original post

Reza Sharifi · ‎12-24-2009

Hello Ben,

If you issue:

default interface fastEthernet 0/45

It will reset the interface back to default with no config on it

example:

Before the command was issued

Management-Switch#sh run interface fastEthernet 0/45
Building configuration...

Current configuration : 101 bytes
!
interface FastEthernet0/45
description test
bandwidth 1000000
no ip address
no cdp enable
end

Management-Switch(config)#default interface fastEthernet 0/45
Interface FastEthernet0/45 set to default configuration

After the command was issued

Management-Switch#sh run interface fastEthernet 0/45
Building configuration...

Current configuration : 49 bytes
!
interface FastEthernet0/45
no ip address
end

HTH

Reza

iceteanolemon · ‎12-24-2009

Interface config: That is exactly what I was looking for!!! That small command has bugged me for a long time!

Now do you have any idea on doing a mac security based on just the vendor code part of the mac? Maybe thats a long shot.....

iceteanolemon · ‎12-24-2009

"default interface"

you wouldnt by any chance klnow how to issue this on a nexus IOS?

Reza Sharifi · ‎12-24-2009

Sorry, I have never used IOS Nexus.

What ver are you running?

iceteanolemon · ‎12-24-2009

Software

BIOS: version 3.19.0

loader: version N/A

kickstart: version 4.2(1)

system: version 4.2(1)