Solved

vlan authentication md 5 key

Posted on 2011-02-22
3
585 Views
Last Modified: 2012-06-27
Hi Experts,
in a running cisco switch 3560G I have to implement a vlan.
But I don't know for what is this command and what kind of key is it ?
What kind of passwort is needed or is it just a default auth ?

interface Vlan175
 description Management VLAN
 ip address 10.10.175.252 255.255.255.0
 standby 175 ip 10.10.175.254
 standby 175 priority 90
 standby 175 preempt
 standby 175 authentication md5 key-string

Can you expalin me the commands:
 standby 175 ip 10.10.175.254
 standby 175 priority 90
 standby 175 preempt
 standby 175 authentication md5 key-string
0
Comment
Question by:Eprs_Admin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34949524
Hi,

the key need to prevent attackers to become Active HSRP routert!

Best regards,
Istvan
0
 
LVL 34

Assisted Solution

by:Istvan Kalmar
Istvan Kalmar earned 250 total points
ID: 34949537
0
 
LVL 5

Accepted Solution

by:
torvir earned 250 total points
ID: 34950222
* standby 175 ip 10.10.175.254
  Configures a virtual IP-address that all nodes on that LAN can use as a default gateway.
  When the primary router/L3-switch goes down, the secondary one takes over this address.
  Which means that it is always reachable.
  Also called the HSRP-address

* standby 175 priority 90
  The priority for the router/L3-switch in this vlan. The highest priority gets the HSRP-address.

* standby 175 preempt
  The router with the highest priority immediatley takes the HSRP-address with preempt.
  If you don't configure preemt there is no switchover until the router that has the HSRP-address fails or is restarted.

* standby 175 authentication md5 key-string
  Authenticates HSRP messages between routers so that no other router can negotiate with them, on purpose or by mistake, without knowing the authentication key

It is also important to know that you shouldn't use the same standby-group on other router-pairs on the same vlan.
Because they choose a virtual mac-address from the group number. And two similar mac-addresses means trouble.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Secure Shell (SSH) is a network protocol for secure data communication, mainly used to administer remote Unix / Linux servers via command line. But it also allows the user to open a secure tunnel between a client and a server where he can send any k…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question