The protocols are Cisco proprietary but that doesn't mean that other vendors don't have similar features, Juniper switches call bpduguard BPDU-Protect for example. Anyway the basic functionality is the same across vendors if the switch detects a BPDU from any device it will disable the port etc.
Cheers, Donald Robb Productive Networks / Network Consultant ______________________________________________________________ CCIE Written, CCIP, CCSP, CCDP, CCNP, CCNA: Voice, JNCIP, SCP, MCSA 2003, Security+, CCSE.R65, PACE Experts-Exchange: Guru - R&S -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of CCIE KID Sent: January-12-12 9:40 PM To: Pedram Zadeh Cc: CCIE OSL; Cisco certification Subject: Re: [OSL | CCIE_RS] OT: Authentication in STP Hi Pedram, All the protocols which u guys say is CISCO PROPRIETARY .. Is there any open standard ptotocol which does this job. If i connect a Alcatel Lucent switch or else a Juniper Switch , how will a Cisco Switch react.. So thats what the whole point here? On Fri, Jan 13, 2012 at 10:03 AM, Pedram Zadeh <[email protected]>wrote: > For this goal, you should configure *all* access ports as portfast and > also configure spanning-tree portfast bpduguard default. If any rogue > switch get connected and start to participate in STP process, the port > will be put in err-disable mode and they should get administrator to resolve it! > syslog and snmp trap also can be configured to notify admin as well. > > On Fri, Jan 13, 2012 at 2:18 PM, CCIE KID <[email protected]> wrote: > >> Hi buddy, >> >> We are using VTP in Transparent mode. So it is literally turning off VTP. >> It is not all about VTP password. Customer wants to check a >> particular switch when connected to the network should be a >> legitimate switch and it should be checked against a database to >> authenticate whether it is a legitimate switch or a rogue switch. >> >> Thats what i am looking for some authentication with respect to STP. >> >> >> >> >> >> >> On Fri, Jan 13, 2012 at 4:44 AM, WaLeEd AlShErIf >> <[email protected] >> >wrote: >> >> > I agree with David , you need to use VTP password , here is a link >> > for >> it >> > >> > >> > >> http://www.cisco.com/en/US/tech/tk389/tk689/technologies_tech_note091 >> 86a0080094c52.shtml >> > >> > Yours, >> > Waleed >> > >> > *From:* David Sudjiman <[email protected]> >> > *To:* CCIE KID <[email protected]> >> > *Cc:* CCIE OSL <[email protected]>; Cisco certification < >> > [email protected]> >> > *Sent:* Thursday, January 12, 2012 11:56 PM >> > *Subject:* Re: [OSL | CCIE_RS] OT: Authentication in STP >> >> > >> > Your customer didn't mistakenly read about VTP password? >> > >> > Regards, >> > David Sudjiman >> > (Sent from Mobile) >> > >> > On 13/01/2012, at 5:22 AM, CCIE KID <[email protected]> wrote: >> > >> > > Hi fellas, >> > > >> > > My customer is asking for any authentication in STP. Can someone >> > > tell >> me >> > > that if there is any Authentication mechanism in STP to validate >> > > to >> > correct >> > > birdges with some hash value and try to avoid rogue bridges with >> this. I >> > > searched in RFC's and i guess there is no Authentication >> > > mechanism in >> > STP . >> > > So is there any other IEEE standard for STP Authentication. >> > > I found Cisco Proprietary Root Guards which basically tells avoid >> > > any superior BPDUs and avoid that port as Root port. >> > > >> > > I know Root Guard doesnt do any authentication . But is there any >> other >> > > mechnaism where can do authenticating the bridges in STP logic >> > > >> > > I believe Radia Perlman is still kicking for this :) >> > > >> > > >> > > -- >> > > With Warmest Regards, >> > > >> > > CCIE KID >> > > CCIE#29992 (Security) >> > > _______________________________________________ >> > > For more information regarding industry leading CCIE Lab >> > > training, >> > please visit www.ipexpert.com >> > > >> > > Are you a CCNP or CCIE and looking for a job? Check out >> > www.PlatinumPlacement.com <http://www.platinumplacement.com/> >> >> > > >> > > http://onlinestudylist.com/mailman/listinfo/ccie_rs >> > _______________________________________________ >> > For more information regarding industry leading CCIE Lab training, >> please >> > visit www.ipexpert.com >> > >> > Are you a CCNP or CCIE and looking for a job? Check out >> > www.PlatinumPlacement.com >> > >> > http://onlinestudylist.com/mailman/listinfo/ccie_rs >> > >> > >> > >> >> >> -- >> With Warmest Regards, >> >> CCIE KID >> CCIE#29992 (Security) >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, >> please visit www.ipexpert.com >> >> Are you a CCNP or CCIE and looking for a job? Check out >> www.PlatinumPlacement.com >> >> http://onlinestudylist.com/mailman/listinfo/ccie_rs >> > > -- With Warmest Regards, CCIE KID CCIE#29992 (Security) _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://onlinestudylist.com/mailman/listinfo/ccie_rs _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://onlinestudylist.com/mailman/listinfo/ccie_rs
