Configuring MPP

3-46 Securing Networks with Cisco Routers and Switches (SNRS) v2.0

Note

When the last configured interface is deleted, the MPP feature turns itself off.

Follow these steps to configure a network device: Step 1 Enter control plane host configuration mode.

router(config)# control-plane host

Syntax Description host

Applies policies to host control plane traffic.

Step 2 Configure an interface to be a management interface and specify which management protocols are allowed.

router(config-cp-host)# management-interface interface allow protocols

Syntax Description

interface

Name of the interface that you are designating as a management interface

protocols

Management protocols you want to allow on the designated management interface

Protocols can be one of the following:

■ Block Extensible Exchange Protocol (BEEP)

■ SSH version 1 (SSHv1) and SSH version 2 (SSHv2)

■ TFTP

The management-interface allow command is useful when you want to restrict access of management protocols to a device through a particular interface. An additional benefit of dedicated management interfaces is that they prevent management traffic floods on switching and routing interfaces from reaching the CPU.

© 2007 Cisco Systems, Inc. Cisco Network Foundation Protection 3-47

Was this article helpful?

0 0

Post a comment