Re: IEWB Lab 18

From: kevin gannon (kevin@gannons.net)
Date: Fri Oct 21 2005 - 11:50:42 GMT-3

Just checked and our 350 Aironets dont send STP so I
eat my hat.

Regards
Kevin

On 10/21/05, Brian McGahan <bmcgahan@internetworkexpert.com> wrote:
> What if the access point is just bridging and is not running IP at all?
>
> Brian McGahan, CCIE #8593
> bmcgahan@internetworkexpert.com
>
> Internetwork Expert, Inc.
> http://www.InternetworkExpert.com
> Toll Free: 877-224-8987 x 705
> Outside US: 775-826-4344 x 705
> 24/7 Support: http://forum.internetworkexpert.com
> Live Chat: http://www.internetworkexpert.com/chat/
>
>
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of De
> > Witt, Duane
> > Sent: Friday, October 21, 2005 8:13 AM
> > To: kevin gannon
> > Cc: Bola Adegbonmire; Cisco certification
> > Subject: RE: IEWB Lab 18
> >
> > Yeah, agreed. Invariably CDP/STP/SNMP/WLSE traffic would cause the AP
> to
> > be the first MAC learned by the switch, so a static sticky or maximum
> 2
> > addresses would be the best answer?
> >
> > Would the guys from IE care to comment?
> >
> > -----Original Message-----
> > From: kgannon@gmail.com [mailto:kgannon@gmail.com] On Behalf Of kevin
> > gannon
> > Sent: 21 October 2005 12:58 PM
> > To: De Witt, Duane
> > Cc: Bola Adegbonmire; Cisco certification
> > Subject: Re: IEWB Lab 18
> >
> > Dont have an AP to test but I would bet this is caused by
> > CDP/STP traffic. Two would be a better option and hardcode
> > a sticky for the AP.
> >
> > Regards
> > Kevin
> >
> > On 10/21/05, De Witt, Duane <duane.dewitt@siemens.com> wrote:
> > > Hi Bola
> > >
> > >
> > >
> > > Thanks for the response. Take a look below, I happen to have a
> client
> > > network that I can take info from:
> > >
> > >
> > >
> > > This is the show arp on the AP, it shows the MAC of the AP:
> > >
> > > Internet 172.16.254.131 - 000f.903e.3ae7 ARPA BVI1
> > >
> > >
> > >
> > > This is the show mac-address-table of the switch that the AP
> connects
> > > to:
> > >
> > > RCI-GND-SW-2#show mac-address-table interface fastEthernet 0/47
> > >
> > > Mac Address Table
> > >
> > > -------------------------------------------
> > >
> > >
> > >
> > > Vlan Mac Address Type Ports
> > >
> > > ---- ----------- -------- -----
> > >
> > > 1 000f.903e.3ae7 DYNAMIC Fa0/47
> > >
> > > Total Mac Addresses for this criterion: 1
> > >
> > >
> > >
> > > So, it shows that the MAC of the AP is learned by the switch and
> would
> > > count as a secure address. Not sure if this proves anything though.
> > >
> > >
> > >
> > > ________________________________
> > >
> > > From: Bola Adegbonmire [mailto:bolaccie@yahoo.com]
> > > Sent: 21 October 2005 11:42 AM
> > > To: De Witt, Duane; Cisco certification
> > > Subject: Re: IEWB Lab 18
> > >
> > >
> > >
> > > Hi Duane,
> > >
> > >
> > >
> > > I believe the solution is right based on the following. The AP is a
> > > swicth, except that it is a wireless swicth (in quote). As a result
> it
> > > does not forward its own mac-address when forwarding datagrams
> through
> > > it to the network. Only a router replaces the originating
> mac-address
> > > with its own when forwarding packets received on one interface out
> > > another to the network.
> > >
> > >
> > >
> > > So IEWB solution is right.
> > >
> > >
> > >
> > > Or am I missing something group?
> > >
> > >
> > >
> > > Bola
> > >
> > > "De Witt, Duane" <duane.dewitt@siemens.com> wrote:
> > >
> > > Hi Group
> > >
> > >
> > >
> > > Lab 18 requires only one person to be able to use an AP by
> > using
> > > port-security. The recommended solution is 'violation
> protect'
> > > and
> > > 'mac-address sticky'.
> > >
> > >
> > >
> > > If the default maximum mac-addresses is 1 then the only
> > > mac-address that
> > > will be allowed is the mac of the AP itself. Shouldn't the
> > > maximum be
> > > changed to 2 to allow the mac of the AP as well as the mac
> of
> > > the one
> > > person?
> > >
> > >
> > >
> > > Regards
> > >
> > > Duane
> > >
> > >
> > >
> > > ____________________________________________
> > > SIEMENS Siemens Business Services
> > > Siemens Service Center
> > >
> > > 126 14th Road
> > >
> > > Erand Gardens
> > >
> > > Midrand
> > >
> > > South Africa
> > >
> > >
> > >
> > > * +27 11 5452555
> > > * +27 83 4452768
> > > * +27 11 5415219
> > > * duane.dewitt@siemens.com
> > >
> > >
> > >
> >
> _______________________________________________________________________
> > > Subscr iption information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> > >
> > > ________________________________
> > >
> > > size=1 width="100%" align=center>
> > >
> > > Yahoo! FareChase - Search multiple travel sites in one click.
> > >
> >
> <http://us.lrd.yahoo.com/_ylc=X3oDMTFqODRtdXQ4BF9TAzMyOTc1MDIEX3MDOTY2OD
> > >
> >
> gxNjkEcG9zAzEEc2VjA21haWwtZm9vdGVyBHNsawNmYw--/SIG=110oav78o/**http%3a/f
> > > arechase.yahoo.com/>
> > >
> > >
> >
> _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> > >
> > > --
> > > This message has been scanned for viruses and
> > > dangerous content by MailScanner, and is
> > > believed to be clean.
> >
> >
> _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.

This archive was generated by hypermail 2.1.4 : Sun Nov 06 2005 - 22:00:52 GMT-3