Differences

This shows you the differences between two versions of the page.

cisco [2007/09/25 15:34]
a
cisco [2015/05/21 15:01] (current)
zagi [Cisco config tips]
Line 2: Line 2:
  
 see also: **[[cisco:bgp|Cisco BGP stuff]]**, **[[networking]]**, **[[http://www.cymru.com/Documents/secure-ios-template.html|Secure IOS Template]]** see also: **[[cisco:bgp|Cisco BGP stuff]]**, **[[networking]]**, **[[http://www.cymru.com/Documents/secure-ios-template.html|Secure IOS Template]]**
 +
  
  
Line 13: Line 14:
 Cisco pppoe [[http://www.dslreports.com/faq/8199]]\\ Cisco pppoe [[http://www.dslreports.com/faq/8199]]\\
 Password recovery[[http://www.cisco.com/warp/public/474/]]\\ Password recovery[[http://www.cisco.com/warp/public/474/]]\\
-{{pcugtips.pdf|Cisco tips}}+[[http://phx-cisco-users.org/index.php|Phoenix Cisco User Group (PCUG)]] Cisco tips [[http://www.ciscoblog.com/docstore/PCUGTips.pdf|presentation]] (local mirror:{{pcugtips.pdf|Cisco tips}})
  
 ==== Password reset and configuration reset ==== ==== Password reset and configuration reset ====
Line 54: Line 55:
   login   login
   password xxx   password xxx
 +  
 +  
 +=== Corrupt/missing IOS image ===
 +
 +   * set BAUD 115200
 +   * upload vix Xmodem
 +
 +==== Cisco security tips ====
 +**Disable:**
 +
 +    * BOOTP server
 +    * Cisco Discovery Protocol (CDP)
 +    * HTTP Configuration and Monitoring
 +    * Domain Name System (DNS)
 +    * Packet Assembler / Disassembler (PAD)
 +    * Internet Control Message Protocol (ICMP) Redirects
 +    * IP Source Routing
 +    * Finger Service
 +    * Proxy ARP
 +    * IP Directed Broadcast
  
-==== Cisco tips ====+==== Cisco config tips ====
  
 ** Cisco PIX *** ** Cisco PIX ***
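Review bot: The **Disable:** list under "Cisco security tips" names ten services but gives no commands and no scope, while the rest of the page consists of pasteable command snippets. "Domain Name System (DNS)" is ambiguous as written, since it does not say whether it means name lookups made by the router itself. Suggest pairing each item with its IOS command and marking it global or per-interface, for example `no ip source-route` (global) and `no ip proxy-arp` (per interface). In "Corrupt/missing IOS image", "upload vix Xmodem" should read "via", and the two steps do not say in which mode they are entered or that the terminal speed has to be changed to match after `set BAUD 115200`.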
Line 98: Line 119:
   ip cef   ip cef
  
-**NTP**+**NTP** (see also: [[http://www.nil.com/ipcorner/SecTimeManagement/]])
   clock timezone CET 1   clock timezone CET 1
   clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00   clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
Line 219: Line 240:
   neighbor 145.2.2.2 remove-private-AS   neighbor 145.2.2.2 remove-private-AS
  
-**DHCP** +==DHCP== 
 +ip dhcp excluded-address 192.168.10.1
   ip dhcp pool my.lan   ip dhcp pool my.lan
      network 192.168.10.0 255.255.255.0      network 192.168.10.0 255.255.255.0
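Review bot: The added `ip dhcp excluded-address 192.168.10.1` line has no leading two-space indent, so unlike the `ip dhcp pool my.lan` block below it, it will render as ordinary paragraph text rather than as part of the preformatted config. Indent it to match. The label also changes from `**DHCP**` to `==DHCP==` while the neighbouring `**OSPF**` label keeps the bold style; pick one convention for these sub-labels.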
Line 226: Line 247:
      dns-server 212.18.X.X      dns-server 212.18.X.X
      default-router 192.168.10.1      default-router 192.168.10.1
 +     lease 14 0
  
 **OSPF** **OSPF**
Line 238: Line 260:
    passive-interface Loopback0    passive-interface Loopback0
    log-adjacency-changes    log-adjacency-changes
 +
 +== ACL renumbering == 
 +
 +Router(config)#ip access-list resequence MyACL 10 10\\
 +
 +== vlan up/interface down ==
 +
 +no autostate
 +no keepalive
 +
 +== Wireless ==
 +  dot11 ssid TEST1
 +  mbssid guest-mode
 +
 +  dot11 ssid TEST2
 +  mbssid guest-mode
 +
 +Then you have to enable mbssid globally on your radio-interface:
 +
 +  interface Dot11Radio0
 +  mbssid
 +  ssid TEST1
 +  ssid TEST2 
 +  
 +  interface Dot11Radio1
 +  mbssid
 +  ssid TEST1
 +  ssid TEST2 
 +  
 +==== Cisco bash policer script ====
 +
 +<code bash>
 +#!/bin/bash
 +# tnt.aufbix.org
 +#cir=$(($1*1024*1024))
 +cir=$(($1*1024*1000))
 +nburst=$(($cir*3/16))
 +eburst=$(($nburst*2))
 +echo "policy-map $1M"
 +echo "class class-default"
 +echo "police cir $cir bc $nburst be $eburst conform-action set-dscp-transmit default exceed-action drop  violate-action drop"
 +
 +</code>
 +
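Review bot: In the policer script, `$1` goes straight into `cir=$(($1*1024*1000))` with no check, so a missing or non-numeric argument is not rejected before the `echo` lines that generate the config. Bash also evaluates the argument as an arithmetic expression rather than as a plain number. Suggest validating it first, e.g. `[[ $1 =~ ^[0-9]+$ ]] || { echo "usage: $0 <Mbit>" >&2; exit 1; }`. The factor `1024*1000` next to the commented-out `1024*1024` is unexplained; add a comment stating which unit the argument is in and why this multiplier was chosen, since `cir`, `bc` and `be` all derive from it. Earlier in the same hunk, `no autostate` and `no keepalive` lack the two-space indent and do not say which interface they apply to, and the `ip access-list resequence` line ends in a stray `\\`.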
cisco.1190727299.txt.gz · Last modified: 2009/05/25 00:34 (external edit)
CC Attribution-Share Alike 4.0 International