Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Secure Access Cisco 2950/Help with Commands

Posted on 2007-08-02
2
Medium Priority
?
1,213 Views
Last Modified: 2008-01-09
Hello Experts,

I would like to Secure my newly configured 2950 Switch and wanted to lock it down. The needs are:

(1)Limit the remote access to One Ip address
(2) Password Protect the Telnet console/Potentiall use SSH
(3)Encrypt As much as the passwords as possible

Thanks in Advance experts
0
Comment
Question by:Atomicsteaks
2 Comments
 
LVL 27

Expert Comment

by:pseudocyber
ID: 19619371
0
 
LVL 1

Accepted Solution

by:
amadjeski earned 2000 total points
ID: 19679827
For all of this you will need to make sure you have an IOS image with CRYPTO

(1)Limit the remote access to One Ip address
(2) Password Protect the Telnet console/Potentiall use SSH

Create an access list such as:

ip access-list extended VTYAccess
     permit tcp host 172.45.15.2 any eq 22 log (where 172.45.15.2 is the host you want to access from)
     deny ip any any

Then apply this to the VTY interfaces and specify SSH only

line vty 0 4 (or 0 15 to hit all of them)
    transport input ssh
    access-class VTYAccess in



(3)Encrypt As much as the passwords as possible

Using SSH you will need to set up encryption on the switch

If you need any further explanation please let me know.

crpto key gen rsa

select the strength and it will create the key
0

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I see many questions here on Experts Exchange regarding switch port configurations and trunks. This article is meant for beginners in the subject to help to get basic knowledge about Virtual Local Area Network (VLAN (http://en.wikipedia.org/wiki/Vir…
This tutorial will go through the steps required to write a script that will back up the configuration settings of a HP-ProCurve switch. You will need to get the following things to follow this tutorial: Telnet Scripting Tool e.g. TST10.exe …
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question