#SDN #Routing #Switching #Firewall #NAC #Proxy #Mail Gateway #SDWAN

Reset switch to factory defaults If I’m not using brand new switch, I normally like to reset it back to factory defaults before doing anything. Use a pointy object (like paper clip) and press “Reset” and “Clear” buttons on the front of the switch at the same time. Release “Reset” button. When “Self Test” LED start to blink, release “Clear” button too. Now the switch should do it test routines. After that it should be back on factory defaults. IP-Address HP ProCurve Switch 2524# configure HP ProCurve Switch 2524(config)# vlan 1 HP ProCurve Switch 2524(vlan-1)# ip address 10.0.0.1 255.255.255.0 HP ProCurve Switch 2524(vlan-1)# wr mem HP ProCurve Switch 2524(vlan-1)# exit HP ProCurve Switch 2524(config)# exit HP ProCurve Switch 2524# Configure VLANs HP ProCurve Switch 2524# configure HP ProCurve Switch 2524(config)# vlan 1 HP ProCurve Switch 2524(vlan-1)# name "Default" HP ProCurve Switch 2524(vlan-1)# untag 2-6 HP ProCurve Switch 2524(vlan-1)# vlan 1...

HP ProCurve CLI CheatSheet LOG log Display log events (most recent last) log -r Display log events (most recent first) log A12 Display log events of port a12 log A12 -r Display log events of port a12 (most recent first) log 192.168.0.1 Display log events of 192.168.0.1 MAC show mac A5 Show MAC-address of the device on port A5 show mac A4-A6 Show MAC-adresss of the devices on ports between A4 and A6 show mac 00112233-445566 Show which port device with MAC-address 00112233-445566 is connected VLAN show vlan Show information about vlans on this swtich show vlan ports A19 Show VLAN ID and status of specific ports (A19) show vlan Show ports on this vlan and port status configure vlan 19 Set switch to vlan 19 name SupportVLAN Name this vlan as “SupportVLAN” tag A12 Set port a12 as tagged on vlan 19 (First do vlan <19>) tag A12,A13 Set ports a12 and 13 tagged on vlan 19 (First do vlan <19>) ...

Problem When I first started in IT, I went and did my Cisco CCNA . So I learned that to connect Cisco switches and pass VLAN traffic between them, I needed to create a 'Trunk' to pass the VLAN traffic. Fast forward a few years, and I now work for an HP reseller. Very early on I came to realise that what HP called a 'trunk' was very different from what I had been taught. Below is an article I did a while ago about setting up HP Trunks. HP Networking 'ProCurve' - Trunking / Aggregating Ports I was in some HP/Wireless training last week and once again I was struggling with their terminology, so today I lined up a bunch of switches on the test bench and worked out the differences. Below you will find the following scenarios; Scenario 1 Configuring Cisco Catalyst Switches with VLANs. Scenario 2 Configuring HP Switches with VLANs. Scenario 3 Setting up HP Switches with Trunked VLANs Scenario 4 Setup VLANs via HP Trunks and Cisco Port Chann...

http://www.certprepare.com/vlan-access-map

What is VLAN Access Control Lists (VACL) used for? VLAN Access Control Lists (VACL) can be used to filter traffic within the same vlan Scenario Suppose a host is connected to VLAN 2 and we are required to drop all telnet traffic within VLAN 2. Configuration Make an access list to match telnet traffic Router(config)#access-list 101 permit tcp any any eq telnet Create VACL using the above ACL. Drop telnet traffic and forward all other traffic Router(config)#vlan access-map VACL_ACL 10 Router(config-access-map)#match ip address 101 Router(config-access-map)#action drop Router(config-access-map)#exit Router(config)#vlan access-map VACL_ACL 20 Router(config-access-map)#action forward Router(config-access-map)#exit Router(config)# Apply VACL to VLAN 2. Router(config)#vlan filter VACL_ACL vlan-list 2 Thats it for the configuration. If everything is configured properly, telnet traffic should be dropped within VLAN 2

config system modem set status enable end     diagnose sys modem wireless-id   you should get something like this: vendor: 0x12d1, product: 0×1003, registered: yes      set status enable set pin-init '' set network-init '' set lockdown-lac '' set mode standalone set dial-on-demand enable set idle-timer 5 set redial none set holddown-timer 60 set connect-timeout 90 set wireless-port 0 set phone1 "#777" set username1 "internet" set passwd1 **** set extra-init1 '' set peer-modem1 generic set ppp-echo-request1 enable set authtype1 pap chap mschap mschapv2 execute modem dial     If you are using the web interface of your FortiGate device, when you enable the modem interface you will get Modem option under System > Network section on the left side menu. You can set up some of the options, like phone or Extra Initialization String there too. Also...

With the RPF function the Firewall checks if the packet comes in the firewall on the correct interface and does not try to spoof the address. For example in a DMZ network a packet coming in the dmz interface of the firewall and has a source IP from the internal network is spoofed. The firewall should not allow it. RPF is enabled by default and cannot be disabled, but can be set to strict. Strict RPF is disabled by default. If it is set to loose it does not look for best match route only if there is a route. With strict it checks the Forwarding Information Base (FIB). If it is set to strict it look for best match route. for more info see RFC 3704 . Used Version: v4.0,build0521,120313 (MR3 Patch 6) firewall (root) # show full-configuration system settings config system settings set comments '' set opmode nat set bfd disable set utf8-spam-tagging enable set wccp-cache-engine disable unset vpn-stats-log set vpn-stats-period 0 set...