Network Administrator: 2014

Sunday, September 7, 2014

Disable boot p server and proxy arp server

Command to disable bootp server on cisco router

no ip bootp server

Disable proxy arp Service

R1> config t

R1#interface fa0/1

R1(config)#no ip proxy-arp

SSH CONFIGURATION ON CISCO DEVICES

ip domain-name CISCO.com
crypto key generate rsa modulus 2048
ip ssh time-out 60
ip ssh authentication-retries 3

ip ssh version 2

ip ssh source-interface GigabitEthernet 0/1

line vty 0 4
transport input ssh

Friday, September 5, 2014

Configuration of switchport port-security

SW1>enable

SW1#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

SW1(config)#interface fa0/1

SW1(config-if)#switchport mode access

SW1(config-if)#switchport port-security

SW1(config-if)#switchport port-security mac sticky

SW1(config-if)#switchport port-security violation protect

SW1(config-if)#end

To verify your configuration you can use the following commands shown below;

SW1#show port-security interface fa0/1

Port Security : Enabled

Port Status : Secure-up

Violation Mode : Restrict

Aging Time : 0 mins

Aging Type : Absolute

SecureStatic Address Aging : Disabled

Maximum MAC Addresses : 1

Total MAC Addresses : 1

Configured MAC Addresses : 0

Sticky MAC Addresses : 1

Last Source Address:Vlan : 000f.242e.bf80:1

Security Violation Count : 0

SW1#show port-security interface fa0/1 address

Secure Mac Address Table

------------------------------------------------------------------------

Vlan Mac Address Type Ports Remaining Age

1 000f.242e.bf80 SecureSticky Fa0/1 -

------------------------------------------------------------------------

Total Addresses: 1

SW1#show run int fa0/1

Building configuration...

Current configuration : 245 bytes

interface FastEthernet0/1

switchport mode access

switchport port-security

switchport port-security violation restrict

switchport port-security mac-address sticky

switchport port-security mac-address sticky 000f.242e.bf80 vlan access

end

SW1#