When troubleshooting a problem with Access Control lists, one of the things you would want to do is to clear the counters on the ACL matches.
In Cisco IOS, you can clear the ACL Matches counters as follows:
Tag: Cisco
Logging Synchronous while working in Cisco Router/Switch Console
Another beginner tip that can be useful!
When you work on the Cisco Router or Catalyst Switch console, it would be annoying to have the console or terminal (telnet/ssh) logs to pop in between your commands. This can be even more irritating when it is busy switch or a router spitting messages continuously.
Configure Access/trunk/Dynamic modes in Catalyst switches unconditionally
In Cisco Catalyst switches, each switchport can be set to different VLAN Membership modes using the "switchport mode" command. This sets the port unconditionally.
The different modes include
Configure Named Acces Control Lists (ACL) in Cisco Routers
With Cisco IOS version 11.2, Cisco introduced the Named ACLs. Named ACLs are Standard or Extended ACLs which are give names instead of a ACL number. Technically, other than giving a name to the ACL there isn't any other difference when it comes to the functionality as in Standard or Extended ACL.
Configure Extended Access Control Lists(ACL) in Cisco Routers
Extended ACLs are advanced than the Standard ACLs. Unlike the Standard Access Lists where it checks only the Source IP Address to control the flow of the packets, Extended ACLs can check the
Source & Destination Address
Protocols (IP,ICMP,TCP,UDP)
Source & Destination ports
VoIP Hopper – Opensource Security tool to test VoIP
VoIP Hopper is a Unix/Linux based free opensource security tool that rapidly runs a VLAN Hop into the Voice VLAN on specific Ethernet switches. VoIP Hopper mimicks the behavior of an IP Phone, in both Cisco and Avaya IP Phone environments to hope into the Voice VLAN. VoIP Hopper is both a VLAN Hop test tool and a tool to test VoIP infrastructure security.
How to prevent VLAN Hopping in Cisco Switches
A malicious user can easily gain access to data on another VLAN to which he is not authorised to access using VLAN hopping. A VLAN Hoping attack can be launched by using a Switch Spoofing or Double Tagging of 802.1q trunking protocol. To have a quick insight into VLAN Hopping, click here.
You can prevent VLAN Hopping in Cisco Switches as follows: