Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
704
Views
0
Helpful
6
Replies

Basic Improvements on Network

Go to solution
anousakisioannis
Level 1
Level 1

‎04-03-2018 03:41 AM - edited ‎03-05-2019 10:12 AM

Hello all,

 

I am new in a networking job and i have noticed some misconfigurations.

 

For example i checked the time on L3 switch and i noticed that is completely wrong.

Also, on some interfaces i saw that the below configuration which it doesn't seem to be correct

##################

switchport access vlan 80
switchport trunk native vlan 80
switchport trunk allowed vlan 80,81
switchport mode trunk
switchport voice vlan 81
spanning-tree portfast

##################

 

Can you please suggest me some other basic/initial improvements that i have to check and fix them?

 

Is there something like a "guide" for such cases in order to have it a reference?

 

Thank you in advance,

Giannis 

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni

‎04-03-2018 04:00 AM

Hi there,

Certainly having your switches synced with the same NTP would be a good idea.

Regarding the interface config you have shared, it is perfectly valid. The switchport access xx is redundant config whilst the switchport mode is trunk. It will not affect its operation.

 

If you want a good guide to get stuck into, take a look at this. No doubt you will find plenty to implement! :

https://www.cisco.com/c/en/us/support/docs/ip/access-lists/13608-21.html

 

cheers,

Seb.

View solution in original post

0 Helpful

Go to solution
konstantinoschiotakis
Level 1
Level 1

‎04-03-2018 04:37 AM

Hi anousakisioannis,

I would suggest Cisco best practices documents for improvements regarding your network. Security and basic configuration wise the Cisco Guide to Harden Cisco IOS Devices is a good start:

https://www.cisco.com/c/en/us/support/docs/ip/access-lists/13608-21.html#anc47

HTH,

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni

‎04-03-2018 04:00 AM

Hi there,

Certainly having your switches synced with the same NTP would be a good idea.

Regarding the interface config you have shared, it is perfectly valid. The switchport access xx is redundant config whilst the switchport mode is trunk. It will not affect its operation.

 

If you want a good guide to get stuck into, take a look at this. No doubt you will find plenty to implement! :

https://www.cisco.com/c/en/us/support/docs/ip/access-lists/13608-21.html

 

cheers,

Seb.

0 Helpful

Go to solution
anousakisioannis
Level 1
Level 1
In response to Seb Rupik

‎04-03-2018 04:19 AM

Hello Seb,

 

Thank you for your fast response! It seems a good document to start.

Regarding the interface configuration, this port is working as a trunk. right?

And when you say redundant, do you mean that if i disable trunking will be access?

 

Regards,

Giannis

0 Helpful

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni
In response to anousakisioannis

‎04-03-2018 04:33 AM

Yes, the port is working as a trunk. Use the following command to confirm:

sh int <switchport_name> switchport

 

...this will show you the operational mode. You can only have one switchport mode listed at any one time; they will replace each other in the config.

It is redundant as it serves no purpose whilst the operational mode of the switchport is not access.

 

cheers,

Seb.

0 Helpful

Go to solution
anousakisioannis
Level 1
Level 1
In response to Seb Rupik

‎04-03-2018 04:37 AM

Clear!!!!!

Thank you very much!
Giannis
0 Helpful

Go to solution
konstantinoschiotakis
Level 1
Level 1

‎04-03-2018 04:37 AM

Hi anousakisioannis,

I would suggest Cisco best practices documents for improvements regarding your network. Security and basic configuration wise the Cisco Guide to Harden Cisco IOS Devices is a good start:

https://www.cisco.com/c/en/us/support/docs/ip/access-lists/13608-21.html#anc47

HTH,
0 Helpful

Go to solution
anousakisioannis
Level 1
Level 1
In response to konstantinoschiotakis

‎04-03-2018 04:44 AM

Thank you Konstantinos!
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card