Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
cisco [2006/05/28 22:42] a |
cisco [2013/09/07 09:45] zagi |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Cisco stuff on need to know bases ====== | ====== Cisco stuff on need to know bases ====== | ||
- | see also: **[[cisco: | + | see also: **[[cisco: |
+ | |||
==== Related documents ==== | ==== Related documents ==== | ||
Line 12: | Line 14: | ||
Cisco pppoe [[http:// | Cisco pppoe [[http:// | ||
Password recovery[[http:// | Password recovery[[http:// | ||
+ | [[http:// | ||
==== Password reset and configuration reset ==== | ==== Password reset and configuration reset ==== | ||
Line 52: | Line 55: | ||
login | login | ||
password xxx | password xxx | ||
+ | | ||
+ | | ||
+ | === Corrupt/ | ||
+ | |||
+ | * set BAUD 115200 | ||
+ | * upload vix Xmodem | ||
+ | |||
+ | ==== Cisco security tips ==== | ||
+ | **Disable: | ||
+ | |||
+ | * BOOTP server | ||
+ | * Cisco Discovery Protocol (CDP) | ||
+ | * HTTP Configuration and Monitoring | ||
+ | * Domain Name System (DNS) | ||
+ | * Packet Assembler / Disassembler (PAD) | ||
+ | * Internet Control Message Protocol (ICMP) Redirects | ||
+ | * IP Source Routing | ||
+ | * Finger Service | ||
+ | * Proxy ARP | ||
+ | * IP Directed Broadcast | ||
+ | |||
+ | ==== Cisco config tips ==== | ||
- | ==== Cisco tips ==== | + | ** Cisco PIX *** |
+ | no fixup protocol smtp 25 | ||
**General security template:** | **General security template:** | ||
Line 93: | Line 119: | ||
ip cef | ip cef | ||
- | **NTP** | + | **NTP** |
clock timezone CET 1 | clock timezone CET 1 | ||
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00 | clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00 | ||
Line 213: | Line 239: | ||
router bgp 109 | router bgp 109 | ||
neighbor 145.2.2.2 remove-private-AS | neighbor 145.2.2.2 remove-private-AS | ||
+ | |||
+ | ==DHCP== | ||
+ | ip dhcp excluded-address 192.168.10.1 | ||
+ | ip dhcp pool my.lan | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | lease 14 0 | ||
**OSPF** | **OSPF** | ||
Line 225: | Line 260: | ||
| | ||
| | ||
+ | |||
+ | == ACL renumbering == | ||
+ | |||
+ | Router(config)# | ||
+ | |||
+ | == vlan up/ | ||
+ | |||
+ | no autostate | ||
+ | no keepalive | ||
+ | |||
+ | == Wireless == | ||
+ | dot11 ssid TEST1 | ||
+ | mbssid guest-mode | ||
+ | |||
+ | dot11 ssid TEST2 | ||
+ | mbssid guest-mode | ||
+ | |||
+ | Then you have to enable mbssid globally on your radio-interface: | ||
+ | |||
+ | interface Dot11Radio0 | ||
+ | mbssid | ||
+ | ssid TEST1 | ||
+ | ssid TEST2 | ||
+ | | ||
+ | interface Dot11Radio1 | ||
+ | mbssid | ||
+ | ssid TEST1 | ||
+ | ssid TEST2 |