Router security

Description

Note on Router security, created by inga pinga on 23/04/2016.
inga pinga
Note by inga pinga, updated more than 1 year ago
inga pinga
Created by inga pinga over 8 years ago
5
0

Resource summary

Page 1

1) Management plane:a) SSH:hostname R1ip domain-name 1ExamAMonth.com!crypto key generate rsa modulus 2014!username kevin privilege 15 secret cisco!access-list 1 permit 10.1.1.0 0.0.0.255access-list 1 deny any log!line vty 0 15access-class 1 inlogin localtransport input ssh!2) Control planea) Unicast reverse path forwarding-The way that uRPF works is to check the source IP address of a packet arriving on an interface anddetermine whether that IP address is reachable, based on the router’s Forwarding Information Base(FIB) used by Cisco Express Forwarding (CEF)- CEF must be enabled on a router to use uRPF.- 3 modes:a) strict mode: "> With strict mode operation, a router not only checks to make sure that the sourceIP address of an arriving packet is reachable, based on the router’s FIB, but the packet mustalso be arriving on the same interface the router would use to send traffic back to that IPaddress.b) Loose mode: "> With loose mode operation, a router only verifies that the source IP address of apacket is reachable, based on the router’s FIB.c) vrf mode:configuration:By default, a router with uRPF configured would drop a packet whose source IP address was onlyreachable by a default route; however, uRPF supports an allow-default option that accepts a defaultroute as a valid way to get back to a source IP address.#ip verify unicast source reachable-via {rx | any} [allow-default] [allow-selfping] [# show cef interface to check if uRPF is enabled or not.

Show full summary Hide full summary

Similar

CCNP TShoot Final
palciny
CCNP - CH.2
Ali Sahar
CCNP TShoot Final
Jagdeep Gill
CCNP CH4
Ali Sahar
CCNP CH 5
Ali Sahar
Random OSPF fun time.
I L
CCNP CH3
Ali Sahar
CCNP TShoot Final
dave tilley
CCNP TShoot Final
David Tilley
CCNP TShoot Final
Fernando Acosta