NTP - Free Network

Management Port Configuration on Cisco IOS Catalyst 4500 (SSH,SNMP,NTP,AAA,Syslog)

Objective: To separate management traffic from data/customer traffic on your Cisco Catalyst 4500 L3 Switch Preferably, Data and Management are into 2 separate network domains. Pre-requisite: UTP cable to connect to management port (via FastEthernet 1) and the other end is connected to a network switch to access the OOB management gateway Tested on Cisco IOS Version 15.1 (Cisco Catalyst 4948E) * * Management IP Configuration* * 1. Configure the vrf for management vrf definition management ! address-family ipv4 exit-address-family ! address-family ipv6…

Cisco

4500 4948 AAA catalyst ios management NTP SNMP SSH Syslog

Leave a Comment

Best Security Practices for Huawei Routers on Management Plane

It is recommended to implement the separation of management and data/customer traffic in your Huawei Service Routers (e.g. NE40E Series). Traffic passing through the management plane should be exclusively for management or administrative access purposes only like SSH, SNMP, NTP and AAA. These are the steps on hardening the security on Huawei Routers. Management instance can be configured using these commands: ip vpn-instance STRING<1-31> description TEXT<1-242> ipv4-family Here’s the recommended configuration or practices for these management services. Configure Authentication, Authorization…

Huawei

AAA ACL authentication Banner header huawei info-center login management NTP password security SNMP SSH Syslog tacacs timezone vpn-instance

Leave a Comment

Out of Band (OOB) Management Configuration on Huawei Routers (SSH,SNMP,NTP,AAA,Syslog)

Objective: To separate management traffic from data/customer traffic in your Huawei Routers Preferably, Data and Management are into 2 separate network domains. Pre-requisite: UTP cables (for each MPU management port in case for switchover) are connected to a network switch to access the OOB management gateway To go configuration mode: system-view To preview configuration change before commiting display configuration candidate * * Management IP Configuration* * a. Configure the vpn instance for management ip vpn-instance <vpn instance name> description <description> ipv4-family b. Set…

Huawei

AAA huawei management MPU NTP OOB SNMP SSH Syslog vpn-instance

Leave a Comment

Best Security Practices for Juniper (Junos OS ) on Management Plane

It is recommended to implement the separation of management and data/customer traffic in your Juniper devices (e.g. QFX Series Switches, MX Series). Traffic passing through the management plane should be exclusively for management or administrative access purposes only like SSH, SNMP, NTP and AAA. Here’s the recommended configuration or practices for these management services. Configure Authentication, Authorization and Accounting (AAA) -preferably to setup centralized TACACS+ to manage all your devices, implement central network management that can impose security protocol to…

Juniper

AAA Banner best practice Firewall Juniper JunOS NTP password security SSH Syslog

Leave a Comment

Best Security Practices for Cisco Nexus OS (NX-OS) on Management Plane

It is recommended to implement the separation of management and data/customer traffic in your Datacenter switches like Cisco Nexus devices (e.g. Nexus 7000, Nexus 9000). Traffic passing through the management plane should be exclusively for management or administrative access purposes only like SSH, SNMP, NTP and AAA. Here’s the recommended configuration or practices for these management services. Configure Authentication, Authorization and Accounting (AAA) -preferably to setup centralized TACACS+ to manage all your devices, some uses Cisco® Identity Services Engine (ISE)…

Cisco

AAA Banner management plane NTP security SNMP SSH Syslog tacacs

Leave a Comment

Out of Band (OOB) Management Configuration in Cisco IOS-XR (SSH,SNMP,NTP,AAA,Syslog)

Objective: To separate management traffic from data/customer traffic in your Cisco XR routers. Preferably, Data and Management are into 2 separate network domains. Pre-requisite: UTP cables (for each RSP management port in case for switchover) are connected to a network switch to access the OOB management gateway * * Management IP Configuration* * 1. Configure the vrf for management vrf management description VRF for Out-of-Band address-family ipv4 unicast 2. Set the physical IP address on each RSP management port. There are total of…

Cisco

AAA Cisco NTP OOB SNMP SSH Syslog

One Comment

Configuring Network Time Protocol (NTP) the Secured way in Cisco Routers and Switches (IOS, IOS-XE, IOS-XR, NX-OS)

Cisco IOS e.g. Vlan10 = interface management vlan NTP Server = 192.168.10.100 1. Configure ACL to deny NTP requests and query conf t access-list 100 remark to block NTP requests and query access-list 100 deny any 2. Configure ACL to allow only the NTP servers to peer or synch with access-list 200 remark NTP to peer access-list 200 permit 192.168.10.100 access-list 200 deny any 3. Configure NTP conf t ntp source Vlan10 ntp access-group peer 200 ntp access-group serve 100 ntp access-group…

Cisco

Cisco NTP

4 Comments

This server has received 300607 hits from both ipv4 and ipv6.
IPv4	91.3%
IPv6	8.7%

Tag: <span>NTP</span>