02-11-2014 11:26 AM - edited 03-04-2019 10:19 PM
Im new to cisco, I have a question if yall can please answer it. yesterday while configuring my 881w router I came up with: ip address can not be configures on l2 links. so I did a research and found out that I had to do a Vlan in order to access CPExpress, so i did that and was able to get in the the GUI interface. Now my this is my problem, while reasearching a method to configuring the router I came up with a website that said something like: while creating a vlan make sure to change the default paswword "of something I can't remember" because hackers could try entering all passwords and get it to you vlan's. Also I was reserching about he vlan.dat file on the flash memory, but i dont remember where i got that hacker thing from. is this true? and how can you change default password form valn's? thank you.
Solved! Go to Solution.
02-11-2014 07:08 PM
Heber,
This isn't true. There are two things that you would need to be concerned about in an enterprise environment for security purposes: your account including password, and the native vlan should be changed from the default of vlan 1.
You would always want to change the default password on devices. Default passwords for equipment are readily available on the internet, and if someone were able to get access to your equipment and figure out what you're running, then they would be able to easily get into your equipment with a password found on the internet. That's why you want to change the default.
Maybe you read about changing the native vlan?
HTH,
John
*** Please rate all useful posts ***
02-12-2014 03:53 AM
That's correct. If you want your cameras on vlan 10, you'd make them an access port on vlan 10. If you want your computers on vlan 5, you'd make them access ports on vlan 5, etc.
HTH,
John
*** Please rate all useful posts ***
02-11-2014 07:08 PM
Heber,
This isn't true. There are two things that you would need to be concerned about in an enterprise environment for security purposes: your account including password, and the native vlan should be changed from the default of vlan 1.
You would always want to change the default password on devices. Default passwords for equipment are readily available on the internet, and if someone were able to get access to your equipment and figure out what you're running, then they would be able to easily get into your equipment with a password found on the internet. That's why you want to change the default.
Maybe you read about changing the native vlan?
HTH,
John
*** Please rate all useful posts ***
02-11-2014 07:20 PM
I got the default password on hardware as for the native vlan, how can it be changed from the default vlan 1? Also can you guve me a real life situaton when some one acces a vlan. What could happend? Thanks
02-11-2014 07:32 PM
Heber,
Do you mean how to change the native vlan? You would change your trunk links in order to make the vlan that you want untagged. If you have vlan 1, 10, and 20, and you want to make 20 the native vlan, you could make all ports on the switch access ports for vlan 20, and then on the uplink you would change the native vlan across the trunk with "switchport trunk native vlan 20".
HTH,
John
*** Please rate all useful posts ***
02-11-2014 07:53 PM
Oh i see, im undestanding now. The reaso why im asking is because i want to have my computers, ip cameras and streaming video devices in different vlans for security reasons. I order a 3750x switch, so im going to make 3 vlans ex. 5,10,15 one for each end devices. I have to set each port from the switch to be a switchport of a vlan to the respectively vlan number of each device correct?
02-12-2014 03:53 AM
That's correct. If you want your cameras on vlan 10, you'd make them an access port on vlan 10. If you want your computers on vlan 5, you'd make them access ports on vlan 5, etc.
HTH,
John
*** Please rate all useful posts ***
02-12-2014 07:35 PM
Than you so much for your help, now I undestand. Im going to use other vlans and not mess with the default vlan1 and assing in the other vlans a ssh connection to remotely conect to the switch!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide