05-15-2013 04:01 AM - edited 03-07-2019 01:21 PM
Hello,
I would like to deploy smart install for remote branches. The idea to just drop blank switch and let them auto install default config is great.
I just wonder what are the minimum config requirement for the hosting switch ?
Is there a way to let a 802.1X port change its default behaviour if it detects a cisco switch ?
or at least, is there a way to "open" a port with all the trunk settings for a sub-switch, and auto protect it if someone tries to plug a non cisco switch or something else (PC/Phone,...) ?
Thanks for your feedback,
05-15-2013 04:07 AM
I just wonder what are the minimum config requirement for the hosting switch
Are you talking about ZeroTouch? If yes, try this.
is there a way to "open" a port with all the trunk settings for a sub-switch, and auto protect it if someone tries to plug a non cisco switch or something else
Wouldn't make a difference anyway. One of the things you need for ZeroTouch is to specify the exact model/sub-model. So, let's say you specified a 2960 but someone's plugged a 3560. Since it's not in your configuration, the switch does nothing. It gets even better, say someone plugs an HP1824, again, the switch does NOT understand non-Cisco so it does nothing.
Now you want to enable Dynamic Ports so when someone plugs a PC, an auto macro for PC is envoked? Hmmmm ... haven't tried this before. But I'm not sure if this is do-able. It'll make your switch configuration very complicated.
05-15-2013 05:15 AM
Thanks for your reply.
in fact I was too much focus on smart install, and I wasn't able to find other info.
I've found all the relevant info about setuping the vstack, but I was just wondering how I can configure the Interface section of the switch to allow plug n play setups.
It looks like the best way is (as you mentionned) to merge both smartport and smart install.
ie:
a port is by default setup as smart port:
-if a cisco switch is detected, then port loads the switch trunk configuration (trunk admin vlan, and vlans supposed to be used by the sub-switch)
-else it loads the 802.1X config with switchport port-security maximum to catch any "alien" switch
I just need to add better filtering things to limit and hardened the cisco switch detection.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide