Edison Ortiz Sun, 10/28/2007 - 08:07
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Looks pretty good. You've adopted most, if not all, best practice on switch config.

Couple of things you may want to add:

1) ACL on the SNMP community

2) ACL on the VTY lines

Also, you don't need a password entry under VTY once you enable aaa-new model.

Same goes for enable secret and enable password.

informatiza Mon, 10/29/2007 - 10:37
User Badges:

I need information to describe the result of the show interface fastethernet

chris_tan Wed, 10/31/2007 - 02:38
User Badges:

Some add-on:-

1.You do not need "enable password" if you already have "enable secret".

2.If you need to manage this switch, you might need to assign ip on vlan1 or loopback0

3.You need to have a "spanning-tree portfast" command on each ports which connected to client. DO NOT apply this command to interface connected to router or another switch

Hope it help on your Standard doc. :-)


This Discussion