Category Archive Security

Protecting the CAM Table using Port Security

On a Cisco Catalyst switch, there are very specific microchips that are used to copy an Ethernet frame on an ingress port to an egress port based on SRC and DST MAC address. One of the other functions of the CAM table is to store the MAC address table. I…

Understanding the tacacs-server directed-request command

I find people getting confused about the command “tacacs-server directed-request” on Cisco IOS routers. Let's have a look at how it behaves. Suppose we have two TACACS servers configured on a router. tacacs-server host 10.0.0.1 tacacs-…

802.1x Configuration & Troubleshoot

This 802.1X troubleshooting document provides step-by-step procedures, documented for easy reference and later use, for basic 802.1X troubleshooting. The IEEE 802.1X standard defines a client-server-based access control and authentication p…

Configure and Troubleshoot GRE over IPsec VPN with NAT device in between

IPsec is a complex technology, and it becomes more complex when a NAT device is in the path of a site-to-site GRE over IPsec VPN. In my production environment, a problem was escalated to me stating that the site-to-site IPsec tunnel had not been coming up. Whe…

HSEC-K9 requirement on ISR G2 routers

I came across a scenario where a site was facing slowness. This site had an edge Cisco router 2951 configured with two GRE over IPsec tunnels towards the data center. One tunnel was being used as primary and the other as secondary for data traffic. Users …