Cisco Systems OL-19806-03 manual Preventing Network Access to a Non-Cisco End Point

Page 22

Chapter 1 Managing Single Entities

Preventing Network Access to a Non-Cisco End Point

Preventing Network Access to a Non-Cisco End Point

We do not recommend using PC clients running EnergyWise Orchestrator as domain members. In an EnergyWise network, non-Cisco endpoints could have access to the connected IP network and the Internet.

Figure 1-4

PC with Access to the EnergyWise Network and the Internet

 

 

 

 

 

 

 

 

 

 

6

 

 

 

 

 

SVI 10

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

VLAN 10

 

 

VLAN 20

 

 

 

 

 

 

10.0.0.42

 

 

20.0.0.5

 

 

 

 

 

 

 

 

 

 

 

8

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

5

 

 

254195

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

2

 

 

 

3

4

 

7

 

 

 

 

SVI 20

VLAN 10

1

 

 

 

 

 

 

 

 

 

 

VLAN 20

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

20.0.0.1

10.0.0.5

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

1

Domain member

 

5

Internet

 

 

 

 

 

 

 

 

 

 

 

 

 

2

Non-Cisco end point running an EnergyWise agent or client

6

DCHP server

 

 

 

 

 

 

 

 

 

 

 

 

 

 

3

Layer 2 switch

 

7

Router

 

 

 

 

 

 

 

 

 

 

 

 

 

4

Layer 3 switch

 

8

Management interface SVI 11

 

 

 

 

 

 

 

 

 

 

 

 

 

 

For example, in this network, to receive an IP address from the DHCP server, the PC sends a broadcast message to the switches, which forward the message to the Internet. The DHCP server receives the message and assigns an IP address to the PC.

When the PC sends an EnergyWise message to the Layer 2 switch, it forwards the message to the Layer 3 switch instead of responding to it. The Layer 2 switch and the connected PC are in different VLANs. The Layer 3 switch also forwards the message.

If the message is forwarded to the router, the router adds the PC to the router MAC address table as a directly connected device. To prevent this, you can configure a switched virtual interface (SVI) on the Layer 2 switch so that the PC and switch are now in the same VLAN.

The PC now has access to the connected IP network and to the Internet.

When the PC sends messages to the switch, the switch now responds to the messages instead of forwarding them.

The PC can also send messages to and receive messages from the IP network.

 

Cisco EnergyWise Configuration Guide

1-14

OL-19806-03

Page 21 Page 23
Image 22
Page 21 Page 23
Contents Cisco EnergyWise Configuration Guide Americas HeadquartersCisco EnergyWise Configuration Guide N T E N T S Important Notice C-1 Purpose AudienceConventions Preface Related Publications For information about the Cisco network devices, seeObtaining Documentation, Support, and Security Guidelines Managing Single Entities Overview Network management stations Domain membersCreating an EnergyWise Domain Power Levels Category Level DescriptionRecurring Event Definition DefaultsAttributes Secure Domain CommunicationMIBs Switch Connected to an IP Phone Management station Domain memberSwitch Connected to a PC Switch and PC ScenarioConfiguration Guidelines Cisco EnergyWise Configuration Guide Using the Call In-Progress Feature This is the configuration for the PoE portEnergyWise Entity PoE Mode Auto Never Static PoE and EnergyWise InteractionsPreventing Network Access to a Non-Cisco End Point CLI Compatibility Issues PC without Access to the EnergyWise Network and the InternetManually Managing Power Enabling EnergyWise, Configuring Entity Attributes,Command Purpose Energywise keywords word,word Shared-secret 0 7 mgmt-password portEnergywise importance importance Energywise management securityEnergywise role role Energywise name nameEnergywise neighbor hostname ip-address Energywise allow query save setEnergywise level level Copy running-config startup-configInterface interface-id Show energywise childrenEnergywise name name Energywise role roleEnergywise activitycheck Configuring Recurring EventsShow running-config Energywise allow query setMonday , Tuesday , Wednesday , Thursday , Friday Energywise level level recurrence importance Copy running-config startup-configShow energywise recurrence Dayofmonth month Dayofweek timerange Command Mode PurposeDisabling EnergyWise To power on the lab IP phones ExamplesAutomatically Managing Power To power off anIP phone connected to a PoE portIf the time range has end times and days such as Pc-mgrManaging Multiple Entities Running QueriesManaging Multiple Entities Running Queries Multiple Switches Connected to Multiple End Points Management station End point Domain memberEnergywise query importance importance Using Queries to Manage Power in the DomainDelta usage timeout timeout Keywords word,word, ... name name collectOptional Runs a query to power on or off the domain members Keywords word,word, ... name name set levelQuerying with the Name Attribute Setting the Time-Out Value Verify the power levelsOL-19806-03 EnergyWise CLI Commands Clear energywise neighbors Endpoint Debug energywiseDebug energywise endpoint management ManagementSave-Responds to a query to save the running configuration Energywise global configurationDomain member, configures the switch to Energywise allow query save setNeighbor hostname Level levelName name Role roleKeywords Neighbors are not assigned Role is the model numberAllow query save set keywords were added Management passwords Activitycheck Energywise interface configurationNo energywise domain Allow query setImportance importance Keywords word,wordRecurrence Time-rangeSecurity Command Default Command Modes Command HistoryUdp port Absolute Command Description Ntp-shared-secret Energywise domainSecurity Protocol udp portRelated Commands Description Command Modes Command HistoryUsage Guidelines Examples Energywise query Timeout timeoutCollect delta usage Members and end points Set level levelSum delta usage Delta-Display the delta vectorSwitch# energywise query importance 90 name * collect delta These examples show how to filter results with keywords Switch# energywise query importance 90 name * set levelLevel-change Snmp-server enable traps energywiseEvent-occured Neighbor-addedTo send EnergyWise traps to the NMS To send only EnergyWise event traps to the NMSShow energywise Switch# show energywise children Domain Cisco Protocol Statistics Energywise interface configuration Energywise global configurationEnables and configures EnergyWise on the entity Configures EnergyWise on the PoE portOL-19806-03 Using CLI Commands Verifying the Power Usage Cisco EnergyWise and Catalyst 4500 Switches OL-19806-03 Cisco EnergyWise and Catalyst 6500 Switches OL-19806-03 Important Notice DisclaimerCisco EnergyWise Configuration Guide Statement 1071-Warning Definition Bewaar Deze InstructiesWarnung Wichtige Sicherheitshinweise Avvertenza Importanti Istruzioni Sulla SicurezzaAviso Instruções Importantes DE Segurança Guarde Estas InstruçõesGEM Disse Anvisninger Page OL-19806-03
Top Page Image Contents