Differences

This shows you the differences between two versions of the page.

--- cisco [2009/05/25 00:35]
127.0.0.1 external edit
+++ cisco [2015/05/21 15:01] (current)
zagi [Cisco config tips]
@@ Line 55: / Line 55: @@
   login
   password xxx
+=== Corrupt/missing IOS image ===
+   * set BAUD 115200
+   * upload vix Xmodem
+==== Cisco security tips ====
+**Disable:**
+    * BOOTP server
+    * Cisco Discovery Protocol (CDP)
+    * HTTP Configuration and Monitoring
+    * Domain Name System (DNS)
+    * Packet Assembler / Disassembler (PAD)
+    * Internet Control Message Protocol (ICMP) Redirects
+    * IP Source Routing
+    * Finger Service
+    * Proxy ARP
+    * IP Directed Broadcast
-==== Cisco tips ====
+==== Cisco config tips ====
 ** Cisco PIX ***
@@ Line 220: / Line 240: @@
   neighbor 145.2.2.2 remove-private-AS
-**DHCP**
+==DHCP==
+ip dhcp excluded-address 192.168.10.1
   ip dhcp pool my.lan
      network 192.168.10.0 255.255.255.0
@@ Line 227: / Line 247: @@
      dns-server 212.18.X.X
      default-router 192.168.10.1
+     lease 14 0
 **OSPF**
@@ Line 239: / Line 260: @@
    passive-interface Loopback0
    log-adjacency-changes
+== ACL renumbering ==
+Router(config)#ip access-list resequence MyACL 10 10\\
+== vlan up/interface down ==
+no autostate
+no keepalive
+== Wireless ==
+  dot11 ssid TEST1
+  mbssid guest-mode
+  dot11 ssid TEST2
+  mbssid guest-mode
+Then you have to enable mbssid globally on your radio-interface:
+  interface Dot11Radio0
+  mbssid
+  ssid TEST1
+  ssid TEST2
+  interface Dot11Radio1
+  mbssid
+  ssid TEST1
+  ssid TEST2
+==== Cisco bash policer script ====
+<code bash>
+#!/bin/bash
+# tnt.aufbix.org
+#cir=$(($1*1024*1024))
+cir=$(($1*1024*1000))
+nburst=$(($cir*3/16))
+eburst=$(($nburst*2))
+echo "policy-map $1M"
+echo "class class-default"
+echo "police cir $cir bc $nburst be $eburst conform-action set-dscp-transmit default exceed-action drop  violate-action drop"
+</code>