we are using 3560 as access switch on our network. We find very usefull the possibility to connect on 1 switch (the commander) from which havng the possibility to going on the other on the same switch stack with the RCOM command).
But like with other bussiness it's mandatory to using only secure protocol to manage switches. On our side we never using the GUI, so HTTP and HTTPS are disable by default on all of our switches. Also we have currently and access-class configure to allowed only some network ID and specific host to connect by telnet or SSH to the switch. We already find cluster connection looks works on network 10.0.0.0/8. If we allow only SSH on the management CLI protocol cluster stop to work.
What I found on bug tool kit SCdz07515, it's not look like to be corrected in the future. The work around was to left Telnet enable.... which is may not acceptable for security purpose. One way to mitigate this is to allowing Telnet only to the subnet used by cluster.
My question is : is it possible to control this network ID ? 10.0.0.0/8 is definetly too large for us. Having the possiblity to set this network ID to something knowed, smaller, and not routed in the network may help to make it more acceptable. Also, we would like also be able to using Telnet to this known range and left only SSH as management CLI protocol for others....
Finally, is it planned to make this feature works with only SSH (or secure protocol) enable ?
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.