Solved

vlan authentication md 5 key

Posted on 2011-02-22
3
577 Views
Last Modified: 2012-06-27
Hi Experts,
in a running cisco switch 3560G I have to implement a vlan.
But I don't know for what is this command and what kind of key is it ?
What kind of passwort is needed or is it just a default auth ?

interface Vlan175
 description Management VLAN
 ip address 10.10.175.252 255.255.255.0
 standby 175 ip 10.10.175.254
 standby 175 priority 90
 standby 175 preempt
 standby 175 authentication md5 key-string

Can you expalin me the commands:
 standby 175 ip 10.10.175.254
 standby 175 priority 90
 standby 175 preempt
 standby 175 authentication md5 key-string
0
Comment
Question by:Eprs_Admin
  • 2
3 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34949524
Hi,

the key need to prevent attackers to become Active HSRP routert!

Best regards,
Istvan
0
 
LVL 34

Assisted Solution

by:Istvan Kalmar
Istvan Kalmar earned 250 total points
ID: 34949537
0
 
LVL 5

Accepted Solution

by:
torvir earned 250 total points
ID: 34950222
* standby 175 ip 10.10.175.254
  Configures a virtual IP-address that all nodes on that LAN can use as a default gateway.
  When the primary router/L3-switch goes down, the secondary one takes over this address.
  Which means that it is always reachable.
  Also called the HSRP-address

* standby 175 priority 90
  The priority for the router/L3-switch in this vlan. The highest priority gets the HSRP-address.

* standby 175 preempt
  The router with the highest priority immediatley takes the HSRP-address with preempt.
  If you don't configure preemt there is no switchover until the router that has the HSRP-address fails or is restarted.

* standby 175 authentication md5 key-string
  Authenticates HSRP messages between routers so that no other router can negotiate with them, on purpose or by mistake, without knowing the authentication key

It is also important to know that you shouldn't use the same standby-group on other router-pairs on the same vlan.
Because they choose a virtual mac-address from the group number. And two similar mac-addresses means trouble.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now