Cisco Systems OL-8978-02 manual Configuring a Trusted Boundary to Ensure Port Security, 55-33

Page 33

Chapter 55 Configuring a VoIP Network

Configuring VoIP on a Switch

This example shows how to set the phone access port to the untrusted mode:

Console> (enable) set port qos 3/7 trust-ext untrusted

Port in the phone device connected to port 3/7 is configured to be untrusted.

Console> (enable)

Setting the Phone Access Port CoS Value

To set the phone access port CoS value, perform this task in privileged mode:

Task

Command

 

 

Set the phone access port CoS value.

set port qos mod/ports cos-ext cos_value

 

 

This example shows how to set the Layer 2 CoS value that is used by a phone access port in untrusted mode:

Console> (enable) set port qos 2/1 cos-ext 3

Port 2/1 qos cos-ext set to 3.

Console> (enable)

Verifying the Phone Access Port QoS Configuration

To verify the phone access port QoS configuration, perform this task in normal mode:

Task

Command

 

 

Verify the phone access port QoS configuration.

show port qos [mod[/port]]

 

 

This example shows how to verify the phone access port QoS configuration:

Console> (enable) show

port qos 3/4

<...

Output Truncated...

>

Port

Ext-Trust Ext-Cos

----- --------- -------

3/4

untrusted

0

<...

Output Truncated...

>

Configuring a Trusted Boundary to Ensure Port Security

This section describes the trusted boundary that is used to prevent security problems if users disconnect their PCs from the networked Cisco IP Phones and plug them directly into the switch port to take advantage of the QoS trust-cosswitch port settings.

These sections describe the trusted boundary:

Supported Cisco IP Phones, page 55-34

QoS and Cisco IP Phone Configuration, page 55-34

QoS, Cisco IP Phone, and PC Configuration, page 55-34

Trusted Boundary Configuration Guidelines, page 55-35

Configuring a Trusted Boundary, page 55-36

 

 

Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7

 

 

 

 

 

 

OL-8978-02

 

 

55-33

 

 

 

 

 

Page 32 Page 34
Image 33
Page 32 Page 34
Contents 55-1 A P T E R55-2 Cisco IP Phone55-3 55-4 Cisco CallManager Access GatewaysAnalog Station Gateway 55-5Analog Trunk Gateway FXS Interface FeaturesDigital Trunk Gateway 55-6Converged Voice Gateway Digital Signal Processing Per T1/E1 PortLink Management 55-755-8 How a Call Is Made55-9 Switch-to-Phone ConnectionsCLI Commands Ethernet Module1 WS-X6608-T1/E12 WS-X6624-FXS3 Voice-Related CLI CommandsSet port inlinepower Set inlinepower defaultallocation Show port inlinepowerConfiguring Per-Port Power Management Show environment power55-11 Task Command Show module mod55-12 Power Management Modes Show version mod55-13 Power Requirements Phone Class Required Power W55-14 Wall-Powered Phones Available PowerPowering Off the Phone Phone RemovalPhone Detection Summary High-Availability Support55-16 Setting the Default Power Allocation Setting the Power Mode of a Port or a Group of PortsSet port inlinepower mod/port auto static 55-17Set inlinepower notify-threshold percentage Show port inlinepower mod /port detail55-18 Show environment power mod Displaying the Switch Power Environment for ModulesConsole show port inlinepower 4/1 detail Console enable show environment powerEnter the set port auxiliaryvlan mod/port auxvlanid command Configuring the Auxiliary VLANs on Catalyst LAN SwitchesUnderstanding the Auxiliary VLANs 55-20Configuring the Auxiliary VLANs Auxiliary Vlan Configuration GuidelinesSet port auxiliaryvlan mod /ports vlan Untagged dot1p noneDisabling the Auxiliary VLANs Until an IP Phone is Detected Verifying the Auxiliary Vlan ConfigurationKeyword Action 55-22Configuring the Access Gateways Configuring a Port Voice Interface55-23 Displaying the FDL Statistics Displaying a Port Voice Interface ConfigurationShow port voice interface mod /port Show port voice fdl mod /portConsole enable show port voice fdl 7/1-3 Displaying the Port Configuration for the Individual PortsField Description Show port mod /portPort T1/E1 Pstn Interface Module 55-26Console show port 55-27 55-28 Port FXS Analog Interface ModuleShow port voice active mod/port Displaying the Active Call InformationAll call conference transcode ipaddr 55-2955-30 Console show port voice activeConsole show port voice active 3/2 Configuring QoS in the Cisco IP Phone Understanding How QoS Works in the Cisco IP Phone55-31 Setting the Phone Access Port Trust Mode Configuring QoS in the Cisco IP PhoneSet port qos mod/ports...trust-ext trusted UntrustedSetting the Phone Access Port CoS Value Configuring a Trusted Boundary to Ensure Port SecurityVerifying the Phone Access Port QoS Configuration 55-33QoS, Cisco IP Phone, and PC Configuration QoS and Cisco IP Phone ConfigurationSupported Cisco IP Phones 55-3455-35 Trusted Boundary Configuration Guidelines55-36 Configuring a Trusted BoundarySpecifying a Cisco IP Phone as the Trust Device Default ConfigurationVerifying a Port’s Trust-Device State 55-3755-38 Understanding SmartPorts MacrosSmartPorts-Cisco IP Phone SmartPorts-Cisco Softphone55-39 SmartPorts Guidelines and Restrictions Ciscoipphone Command Output Command DescriptionCLI Interface for SmartPorts 55-41Console enable set port macro 3/1 ciscoipphone vlan Ciscosoftphone Command OutputConsole enable set port macro 3/1 ciscosoftphone vlan Detailed SmartPorts StatementsCiscoipphone Macro Statement How to Use SmartPorts in Your NetworkCiscosoftphone Macro Statement Keyword Port TypeSmartPorts Enhancements in Software Release Ciscorouter SmartPorts Template55-44 Ciscodesktop SmartPorts Template Ciscoswitch SmartPorts Template55-45 Set port macro mod/port ciscodesktop vlan vlanCiscosoftphone SmartPorts Template Ciscoipphone SmartPorts Template55-46 Set port macro mod/port ciscosoftphone vlan nativevlanGlobal SmartPorts Template Configuring User-Definable SmartPorts MacrosOverview 55-47Console enable set macro name videophone Using the CLI to Configure User-Definable SmartPorts MacrosCreating User-Defined Macros 55-48Modifying Existing User-Defined Macros Defining Variables55-49 Using Special Variables Applying a User-Defined Macro55-50 Console enable set port macro 3/2 videophone Console enable set port macro 3/7 videophone55-51 Displaying Macro Variables Displaying MacrosShow macro name nameofmacro show macro all 55-52Clearing Macros and Macro Variables Clear macro name nameofmacro clear macro all55-53 Displaying Macro Port Mappings Show macro map all name nameofmacro port mod/port55-54 Configuring a Macro within a Macro Console enable show macro map port 3/255-55 55-56

OL-8978-02 specifications

Cisco Systems OL-8978-02 is a comprehensive training curriculum designed to enhance the skills and knowledge of network professionals seeking to advance their careers in network management and security. This curriculum offers a significant focus on Cisco networking technologies and concepts, ensuring that learners are well-equipped to handle the intricacies of modern network environments.

One of the primary features of OL-8978-02 is its in-depth coverage of foundational networking concepts, which are crucial for effective network administration. The curriculum includes detailed modules on networking fundamentals, such as OSI and TCP/IP models, LAN and WAN architectures, and network protocols. This solid foundation enables learners to understand how different networking components interact and function together, forming the backbone of corporate and enterprise environments.

In addition to foundational knowledge, OL-8978-02 integrates a strong focus on security technologies and practices. Considering the increasing prevalence of cyber threats, the course emphasizes the importance of implementing robust security measures. Participants will learn about firewalls, intrusion prevention systems, VPNs, and other critical security technologies. This focus ensures that learners are prepared to safeguard networks against evolving security threats, a necessity in today’s digital landscape.

Another distinguishing characteristic of the OL-8978-02 curriculum is its emphasis on hands-on experience. The program often includes practical labs and simulations, allowing participants to apply theoretical knowledge in real-world scenarios. This experiential learning approach is pivotal for solidifying skills and boosting confidence in network management tasks.

Furthermore, OL-8978-02 addresses the latest advancements in networking technology, including software-defined networking (SDN) and cloud computing. By introducing emerging technologies, this curriculum ensures that professionals remain ahead of the curve, ready to adapt to the future demands of networking.

Finally, Cisco Systems OL-8978-02 positions itself not only as an educational tool but also as a career catalyst, providing learners with skills that are highly sought after in the IT job market. Upon completion, participants often find themselves well-prepared for various Cisco certifications, which can enhance their employability and professional growth opportunities in a competitive landscape. Through its thorough approach, OL-8978-02 plays a vital role in shaping the next generation of network professionals.
Top Page Image Contents