Hello:
I'm going to put a Catalyst 2950-24 on, connecting to our provider via Ethernet. I already programmed an access-list for the vty interfaces, and an access-list for ip http access, I need it for Cisco Network Assistant program.
Is there any other access-lists I need to protect the switch itself? I assigned an IP to it for monitoring purposes, I usually put these managed switches behind the firewall but this one is going to be infront of it.
TIA,
J.
Interesting. Pardon my ignorance, but How would I do what you proposed? right now, everything is on "VLAN1" I think.
TIA,
John. Leigh Harris> What I have done in the past in these situations is this:-
interfaces,
itself? I
What I have done in the past in these situations is this:-
Have a management vlan on the switch and have the ip for management on there. The side that faces the internet/untrusted area leave as an unmanaged vlan so no access can be got to it. It's also a good idea to put access-classes on the telnet lines, if you've not already.
LH
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.