I did this a while ago when I was preparing a lot of config files (.txt) for use on my routers & switches. I needed to find interface numbers and replace them with interfaces that I had available or was using (e.g. s0/0/0 with s0/0). As I don’t use this feature very often, it is a prime candidate for a blog post.
Wednesday, May 22, 2013
Monday, May 13, 2013
Centralized Server-Based AAA Authentication (2 of 2)
PART 2:
Now that SRV is set up and running WinRadius, we can configure DLS1 & DLS2 to use RADIUS on SRV for login authentication (telnet).
The configurations are straightforward, and if you’d like to know more I’d suggest searching Cisco’s site.
Some of the key information we needed to take note of in Part 1 was the following:
RADIUS IP: 10.1.50.1
RADIUS Password (a.k.a. NAS Secret): WinRadius
RADIUS auth-port: 2812
RADIUS acct-port: 2813
Our User: User1
Our Password: CCnP
Centralized Server-Based AAA Authentication (1 of 2)
Part 1: Configuring the RADIUS Server
In this post we want to secure access to our devices and do so with a single authentication server. There are many reasons to do this; for example, we can easily manage users and passwords without having to micromanage each device.
The topology is similar to the RSPAN post:
DLS1 VLAN 5 (MGT): 10.1.5.252
DLS2 VLAN 5 (MGT): 10.1.5.253
Thursday, May 2, 2013
RSPAN
For this post we want to focus on capturing and analyzing traffic on DLS2 fa0/18 VLAN 10 that connects to PCC. In essence, we want to monitor the traffic to and from PCC using RSPAN (Remote Switched Port Analyzer). SRV will monitor the traffic using Wireshark. For the end test we will send a ping from PCB to PCC and see the ICMP packets on SRV running Wireshark.
Wireshark – Pimp my Filter
While monitoring an analyzer using RSPAN, I was getting a bunch of packets that I don’t care about. I don’t really want to filter based on just one packet but instead would like to filter out the packets I don’t want. Here you can see STP and HSRP packets being exchanged on the switched port I’m analyzing: