Standard config of lan switches

Unanswered Question
Oct 27th, 2007



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 2.5 (2 ratings)
Edison Ortiz Sun, 10/28/2007 - 08:07

Looks pretty good. You've adopted most, if not all, best practice on switch config.

Couple of things you may want to add:

1) ACL on the SNMP community

2) ACL on the VTY lines

Also, you don't need a password entry under VTY once you enable aaa-new model.

Same goes for enable secret and enable password.

informatiza Mon, 10/29/2007 - 10:37

I need information to describe the result of the show interface fastethernet

chris_tan Wed, 10/31/2007 - 02:38

Some add-on:-

1.You do not need "enable password" if you already have "enable secret".

2.If you need to manage this switch, you might need to assign ip on vlan1 or loopback0

3.You need to have a "spanning-tree portfast" command on each ports which connected to client. DO NOT apply this command to interface connected to router or another switch

Hope it help on your Standard doc. :-)


This Discussion