Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

vlan authentication md 5 key

Posted on 2011-02-22
3
Medium Priority
?
596 Views
Last Modified: 2012-06-27
Hi Experts,
in a running cisco switch 3560G I have to implement a vlan.
But I don't know for what is this command and what kind of key is it ?
What kind of passwort is needed or is it just a default auth ?

interface Vlan175
 description Management VLAN
 ip address 10.10.175.252 255.255.255.0
 standby 175 ip 10.10.175.254
 standby 175 priority 90
 standby 175 preempt
 standby 175 authentication md5 key-string

Can you expalin me the commands:
 standby 175 ip 10.10.175.254
 standby 175 priority 90
 standby 175 preempt
 standby 175 authentication md5 key-string
0
Comment
Question by:Eprs_Admin
  • 2
3 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34949524
Hi,

the key need to prevent attackers to become Active HSRP routert!

Best regards,
Istvan
0
 
LVL 34

Assisted Solution

by:Istvan Kalmar
Istvan Kalmar earned 1000 total points
ID: 34949537
0
 
LVL 5

Accepted Solution

by:
torvir earned 1000 total points
ID: 34950222
* standby 175 ip 10.10.175.254
  Configures a virtual IP-address that all nodes on that LAN can use as a default gateway.
  When the primary router/L3-switch goes down, the secondary one takes over this address.
  Which means that it is always reachable.
  Also called the HSRP-address

* standby 175 priority 90
  The priority for the router/L3-switch in this vlan. The highest priority gets the HSRP-address.

* standby 175 preempt
  The router with the highest priority immediatley takes the HSRP-address with preempt.
  If you don't configure preemt there is no switchover until the router that has the HSRP-address fails or is restarted.

* standby 175 authentication md5 key-string
  Authenticates HSRP messages between routers so that no other router can negotiate with them, on purpose or by mistake, without knowing the authentication key

It is also important to know that you shouldn't use the same standby-group on other router-pairs on the same vlan.
Because they choose a virtual mac-address from the group number. And two similar mac-addresses means trouble.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question