Table 10-4 lists the LSA types and their descriptions for reference; following the table, each type is explained in more detail, in the context of a working network. Table 10-4 OSPF LSA Types Before diving into the coverage of LSA types, two more definitions are needed: ■ Transit network—A network over which two or more OSPF routers have become neighbors, so traffic can transit from one to the other. ■ Stub network—A subnet on which a router has not formed ..
Overriding the Defaults for Login Security
The console, vty, and aux (routers only) lines can override the use of the default login authentication methods. To do so, in line configuration mode, the login authentication name command is used to point to a named set of configuration methods. Example 21-6 shows a named group of configuration methods called for-console, for-vty, and for-aux, with each applied to the related login method. Each of the named groups defines a different set of authentication methods. Example 2..
Now that you have a basic understanding of what a VPN is, let's discuss the components that make up a traditional VPN. Not every VPN implementation will include any or all of these components. Plus, based on the requirements listed in your security policy, you might not need all of these components. Therefore, you need to examine your security policy to determine which VPN implementation (or implementations) has the necessary components to meet your security policy's requirem..
Restricting VTY Access by Protocol
To restrict what protocols that you can use to access the routers VTY ports, use the transport input configuration command: Router1#configure terminal Enter configuration commands, one per line. End with CNTL/Z.Router1(config)#line vty 0 4Router1(config-line)#transport input telnetRouter1(config-line)#exitRouter1(config)#endRouter1# Most administrators do not realize that, by default, Cisco routers will allow VTY access via other protocols besides Telnet. In some..
Disabling OSPF on Certain Interfaces
The passive-interface configuration command effectively disables OSPF on an interface by preventing it from forming OSPF adjacencies: Router3#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router3(config)#router ospf 44 Router3(config-router)#network 0.0.0.0 255.255.255.255 area 100 Router3(config-router)#passive-interface Ethernet0 Router3(config-router)#exit Router3(config)#end Router3# A useful variant of this command allows you to..
