I have a cisco 2950 sw and it is our redzone sw for outbound access. I created a seperate VLAN for fa0/1(my management port) and I'm not sure if this is the most secure way of doing it. Also, when I plug my management port in to another switch it builds it mac address table with other mac addresses which I do not want.Is this something that I can disbale? Any help would be appreciated.
If I'm interpreting you correctly... you have 2 separate issues here.
1a) your management port - you can set up port security on the port that you will connect into your switch from, if you connect directly in. That would involve configuring port-security.
1b) if you don't connect physically into a port on your switch, you would be talking about creating a telnet access-list which would limit which ip addresses can telnet into that switch for managment purporses. That would be an access-list which is configured, in addition to a statment under lines vty 0 4 (the lines which you telnet into) tying that access-list into the telnet ports.
So you can do layer 2 security - via port-security- or layer 3 security - via an access-list.
2) Re the switch building its forwarding table - You cannot stop a switch from learning mac addresses from another switch - that's the switches' job in life. you can't disable it. If you stop the switch from building its mac-address-table, it would flood packets for ANY destination out each and every port... because it would never learn which mac-addresses live on the switch that it is connected to.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.