Interesting. Pardon my ignorance, but
How would I do what you proposed? right now, everything is on "VLAN1" I
think.
TIA,
John.
Leigh Harrison wrote:
> What I have done in the past in these situations is this:-
>
> Have a management vlan on the switch and have the ip for management
on
> there. The side that faces the internet/untrusted area leave as an
> unmanaged vlan so no access can be got to it. It's also a good idea
to put
> access-classes on the telnet lines, if you've not already.
>
> LH
>
> "Vorta" <> wrote in message
> news: oups.com...
> > Hello:
> >
> > I'm going to put a Catalyst 2950-24 on, connecting to our provider
via
> > Ethernet. I already programmed an access-list for the vty
interfaces,
> > and an access-list for ip http access, I need it for Cisco Network
> > Assistant program.
> >
> > Is there any other access-lists I need to protect the switch
itself? I
> > assigned an IP to it for monitoring purposes, I usually put these
> > managed switches behind the firewall but this one is going to be
> > infront of it.
> >
> > TIA,
> >
> > J.
> >
|
Similar Threads
