[AusNOG] Cisco edge switch config in a hostile environment

Beeson, Ayden ABeeson at csu.edu.au
Tue Apr 30 12:07:37 EST 2013


May have been a bum steer for the 2960, though according to this you should be able to get it working with edge protected ports.

http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a0080094830.shtml

You'd think I could get this all into one simple mail, this is why writing back while in meetings is a bad idea :)

Sorry about the spam guys / gals.

Thanks,
Ayden Beeson


-----Original Message-----
From: Beeson, Ayden
Sent: Tuesday, 30 April 2013 12:04 PM
To: Beeson, Ayden; James Mcintosh; ausnog at lists.ausnog.net
Subject: RE: [AusNOG] Cisco edge switch config in a hostile environment

Sorry forgot to say the private VLAN needs to be set up as isolated.

Here is Cisco's configuration guide for it: http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli/PrivateVLANs.html#wp1171033

Again sorry we don't actually use these internally yet but I know about it from my CCNP stuff, somebody else I'm sure will have a configuration for you.

Thanks,
Ayden Beeson


-----Original Message-----
From: ausnog-bounces at lists.ausnog.net [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Beeson, Ayden
Sent: Tuesday, 30 April 2013 12:02 PM
To: James Mcintosh; ausnog at lists.ausnog.net
Subject: Re: [AusNOG] Cisco edge switch config in a hostile environment

I don't have one handy but it's not too complex a situation.

Management VLAN for management, "access" VLAN for access, private vlan configured onto the access VLAN so no hosts can reach each other, internet access port configured as promiscuous and you're off and running.

That's the simplest of explanations, happy to help with a configuration if you want when I have some time but I'm sure somebody else here can supply a properly written one to do this.

Thanks,
Ayden Beeson

-----Original Message-----
From: ausnog-bounces at lists.ausnog.net [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of James Mcintosh
Sent: Tuesday, 30 April 2013 11:58 AM
To: ausnog at lists.ausnog.net
Subject: [AusNOG] Cisco edge switch config in a hostile environment

Hi Noggers,

Just wondering if anyone has some sample Cisco edge switch configs they'd be willing to share (for 2960 or similar) for deployment in a potentially hostile network environment (e.g. school or hotel) where multiple unrelated customers would be connecting up for the sole purpose of Internet access.


-James

_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog
Charles Sturt University

| ALBURY-WODONGA | BATHURST | CANBERRA | DUBBO | GOULBURN | MELBOURNE |
| ONTARIO | ORANGE | PORT MACQUARIE | SYDNEY | WAGGA WAGGA |

LEGAL NOTICE
This email (and any attachment) is confidential and is intended for the use of the addressee(s) only. If you are not the intended recipient of this email, you must not copy, distribute, take any action in reliance on it or disclose it to anyone. Any confidentiality is not waived or lost by reason of mistaken delivery. Email should be checked for viruses and defects before opening. Charles Sturt University (CSU) does not accept liability for viruses or any consequence which arise as a result of this email transmission. Email communications with CSU may be subject to automated email filtering, which could result in the delay or deletion of a legitimate email before it is read at CSU. The views expressed in this email are not necessarily those of CSU.

Charles Sturt University in Australia  http://www.csu.edu.au  The Grange Chancellery, Panorama Avenue, Bathurst NSW Australia 2795  (ABN: 83 878 708 551; CRICOS Provider Numbers: 00005F (NSW), 01947G (VIC), 02960B (ACT)). TEQSA Provider Number: PV12018

Charles Sturt University in Ontario  http://www.charlessturt.ca 860 Harrington Court, Burlington Ontario Canada L7N 3N4  Registration: www.peqab.ca

Consider the environment before printing this email.

Disclaimer added by CodeTwo Exchange Rules 2007 http://www.codetwo.com

_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog
Charles Sturt University

| ALBURY-WODONGA | BATHURST | CANBERRA | DUBBO | GOULBURN | MELBOURNE | ONTARIO | ORANGE | PORT MACQUARIE | SYDNEY | WAGGA WAGGA |

LEGAL NOTICE
This email (and any attachment) is confidential and is intended for the use of the addressee(s) only. If you are not the intended recipient of this email, you must not copy, distribute, take any action in reliance on it or disclose it to anyone. Any confidentiality is not waived or lost by reason of mistaken delivery. Email should be checked for viruses and defects before opening. Charles Sturt University (CSU) does not accept liability for viruses or any consequence which arise as a result of this email transmission. Email communications with CSU may be subject to automated email filtering, which could result in the delay or deletion of a legitimate email before it is read at CSU. The views expressed in this email are not necessarily those of CSU.

Charles Sturt University in Australia  http://www.csu.edu.au  The Grange Chancellery, Panorama Avenue, Bathurst NSW Australia 2795  (ABN: 83 878 708 551; CRICOS Provider Numbers: 00005F (NSW), 01947G (VIC), 02960B (ACT)). TEQSA Provider Number: PV12018

Charles Sturt University in Ontario  http://www.charlessturt.ca 860 Harrington Court, Burlington Ontario Canada L7N 3N4  Registration: www.peqab.ca

Consider the environment before printing this email.

Disclaimer added by CodeTwo Exchange Rules 2007
http://www.codetwo.com




More information about the AusNOG mailing list