And, besides, if you have Cisco switch on one side, that solution still works because you implement it on your Cisco switch. STP BPDU is not Cisco proprietary, so Juniper switch also will send BPDU.
On Fri, Jan 13, 2012 at 3:40 PM, CCIE KID <[email protected]> wrote: > Hi Pedram, > > All the protocols which u guys say is CISCO PROPRIETARY .. Is there any > open standard ptotocol which does this job. If i connect a Alcatel Lucent > switch or else a Juniper Switch , how will a Cisco Switch react.. > > So thats what the whole point here? > > > > On Fri, Jan 13, 2012 at 10:03 AM, Pedram Zadeh <[email protected]>wrote: > >> For this goal, you should configure *all* access ports as portfast and >> also configure spanning-tree portfast bpduguard default. If any rogue >> switch get connected and start to participate in STP process, the port will >> be put in err-disable mode and they should get administrator to resolve it! >> syslog and snmp trap also can be configured to notify admin as well. >> >> On Fri, Jan 13, 2012 at 2:18 PM, CCIE KID <[email protected]> wrote: >> >>> Hi buddy, >>> >>> We are using VTP in Transparent mode. So it is literally turning off VTP. >>> It is not all about VTP password. Customer wants to check a particular >>> switch when connected to the network should be a legitimate switch and it >>> should be checked against a database to authenticate whether it is a >>> legitimate switch or a rogue switch. >>> >>> Thats what i am looking for some authentication with respect to STP. >>> >>> >>> >>> >>> >>> >>> On Fri, Jan 13, 2012 at 4:44 AM, WaLeEd AlShErIf <[email protected] >>> >wrote: >>> >>> > I agree with David , you need to use VTP password , here is a link for >>> it >>> > >>> > >>> > >>> http://www.cisco.com/en/US/tech/tk389/tk689/technologies_tech_note09186a0080094c52.shtml >>> > >>> > Yours, >>> > Waleed >>> > >>> > *From:* David Sudjiman <[email protected]> >>> > *To:* CCIE KID <[email protected]> >>> > *Cc:* CCIE OSL <[email protected]>; Cisco certification < >>> > [email protected]> >>> > *Sent:* Thursday, January 12, 2012 11:56 PM >>> > *Subject:* Re: [OSL | CCIE_RS] OT: Authentication in STP >>> >>> > >>> > Your customer didn't mistakenly read about VTP password? >>> > >>> > Regards, >>> > David Sudjiman >>> > (Sent from Mobile) >>> > >>> > On 13/01/2012, at 5:22 AM, CCIE KID <[email protected]> wrote: >>> > >>> > > Hi fellas, >>> > > >>> > > My customer is asking for any authentication in STP. Can someone >>> tell me >>> > > that if there is any Authentication mechanism in STP to validate to >>> > correct >>> > > birdges with some hash value and try to avoid rogue bridges with >>> this. I >>> > > searched in RFC's and i guess there is no Authentication mechanism in >>> > STP . >>> > > So is there any other IEEE standard for STP Authentication. >>> > > I found Cisco Proprietary Root Guards which basically tells avoid any >>> > > superior BPDUs and avoid that port as Root port. >>> > > >>> > > I know Root Guard doesnt do any authentication . But is there any >>> other >>> > > mechnaism where can do authenticating the bridges in STP logic >>> > > >>> > > I believe Radia Perlman is still kicking for this :) >>> > > >>> > > >>> > > -- >>> > > With Warmest Regards, >>> > > >>> > > CCIE KID >>> > > CCIE#29992 (Security) >>> > > _______________________________________________ >>> > > For more information regarding industry leading CCIE Lab training, >>> > please visit www.ipexpert.com >>> > > >>> > > Are you a CCNP or CCIE and looking for a job? Check out >>> > www.PlatinumPlacement.com <http://www.platinumplacement.com/> >>> >>> > > >>> > > http://onlinestudylist.com/mailman/listinfo/ccie_rs >>> > _______________________________________________ >>> > For more information regarding industry leading CCIE Lab training, >>> please >>> > visit www.ipexpert.com >>> > >>> > Are you a CCNP or CCIE and looking for a job? Check out >>> > www.PlatinumPlacement.com >>> > >>> > http://onlinestudylist.com/mailman/listinfo/ccie_rs >>> > >>> > >>> > >>> >>> >>> -- >>> With Warmest Regards, >>> >>> CCIE KID >>> CCIE#29992 (Security) >>> _______________________________________________ >>> For more information regarding industry leading CCIE Lab training, >>> please visit www.ipexpert.com >>> >>> Are you a CCNP or CCIE and looking for a job? Check out >>> www.PlatinumPlacement.com >>> >>> http://onlinestudylist.com/mailman/listinfo/ccie_rs >>> >> >> > > > -- > With Warmest Regards, > > CCIE KID > CCIE#29992 (Security) > > > _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://onlinestudylist.com/mailman/listinfo/ccie_rs
