You will cause yourself difficulties while your switches cannot be managed over the network.
A compromising solution could be to install a separate management vlan. IP's for the 2950's could be assigned in this range and you could even set this up as an isolated vlan.
Basic idea is to have management traffic and user traffic both in a separate vlan. This will not offer security in the case of someone sniffing on the networkcable but as you know, rule 1 in security is to disallow/disable physical acces to your equipment and cabling routes. When you can control physical access, this method is more viable (less $$) than changing to switches with SSH support.
[toc:faq]The ProblemOn traditional switches whenever we have a trunk
interface we use the VLAN tag to demultiplex the VLANs. The switch needs
to determine which MAC Address table to look in for a forwarding
decision. To do this we require the switch to do...
[toc:faq]Introduction:Netdr is a tool available on a RSP720, Sup720 or
Sup32 that allows one to capture packets on the RP or SP inband. The
netdr command can be used to capture both Tx and Rx packets in the
software switching path. This is not a substitut...
IntroductionOSPF, being a link-state protocol, allows for every router
in the network to know of every link and OSPF speaker in the entire
network. From this picture each router independently runs the Shortest
Path First (SPF) algorithm to determine the b...