Cisco Discovery Protocol (CDP) is a Cisco proprietary protocol used to collect information about neighboring routers and switches. It operates at Layer 2 (the data link layer) and comes in two versions: CDPv1 (the initial release), available since IOS version 10.3, and CDPv2, available from IOS version 12.0(3)T. CDP is very useful when you need to gather information about the network topology, such as IP addresses, device capabilities and platform, and it also offers a quick way to troubleshoot and document the network. CDP is enabled by default on all available interfaces. CDP traffic between devices is not encrypted, so this can be a real security issue. As a best practice, CDP should be disabled, mainly on devices that connect to external networks.
Older IOS images on Cisco devices used Telnet as the default login method for the vty lines. Telnet is no longer safe to use because all traffic, including usernames and passwords, is transmitted in clear text, so anybody using a protocol analyzer can gain access to the data. Telnet access has since been replaced by SSH, which offers increased security by encrypting all traffic between source and destination. The SSH protocol comes in two versions, SSH1 and SSH2. Communication between the client and server is encrypted in both versions. You should implement SSH version 2 when possible because it uses a stronger encryption algorithm. SSH1 became available in Cisco's IOS starting with release 12.1(1)T. To use SSH2 you need IOS version 12.3(4)T or newer.
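The two recommendations above, written out as an IOS configuration. This is an added example, not taken from the original page; the hostname, domain name, username, interface name and RSA key size are constructed placeholders to adapt to your device.

```cisco
! --- CDP ---------------------------------------------------------------
! Default state: CDP runs globally and on every interface.
! Option A: turn CDP off for the whole device.
!   no cdp run
! Option B (used here): keep CDP on internal links and disable it only
! on the interface that faces an external network.
interface GigabitEthernet0/0
 description Uplink to external network (placeholder name)
 no cdp enable
!
! --- SSH on the vty lines ----------------------------------------------
! Weak setting being replaced:
!   line vty 0 4
!    transport input telnet
!
! RSA key generation needs a hostname and a domain name to be set.
hostname R1
ip domain-name example.com
crypto key generate rsa modulus 2048
!
! Accept SSH version 2 only (no fallback to SSH1).
ip ssh version 2
!
! Local account for vty logins; replace the placeholder secret.
username admin secret <REPLACE-ME>
!
line vty 0 4
 login local
 transport input ssh
!
! --- Verification (exec mode) ------------------------------------------
! show cdp interface     the external interface should no longer be listed
! show cdp neighbors     no neighbors learned through the external link
! show ip ssh            should report SSH enabled, version 2.0
! show ssh               lists active SSH sessions and their version
```

Apply the vty change from the console or from an existing SSH session, since a Telnet session is cut off once `transport input ssh` takes effect.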