[VOIPSEC] VoIP Blocking Filter w/Ettercap
tsherman at cisco.com
Mon Aug 1 05:16:20 BST 2005
Nope, not just the smartports stuff, although that is some good stuff :)
It is only on catos version 8.4 -
It is called cdpverify, one word, took me a while to re-find it :)
Some of the switches do not allow traffic until they see cdp, the one's that
I have tested are the 3750, but it is not on all platforms currently.
From: Erick Bergquist [mailto:ebergquist at ameritech.net]
Sent: Saturday, July 30, 2005 2:36 PM
To: Troy Sherman; 'Michael Todd'
Cc: Voipsec at voipsa.org; 'Credland, Jim'
Subject: RE: [VOIPSEC] VoIP Blocking Filter w/Ettercap
On the Verifying of CDP comment below, are you
refering to the SmartPort macro commands (qos trust
ciscoipphone, etc) or something else? I tried
searching for a CDP verify command, etc but the qos
trust commands are closest I am finding.
--- Troy Sherman <tsherman at cisco.com> wrote:
> THS - Some switches now look at CDP (I know, but
> more difficult, do not
> remember the IOS versions) to make sure that they
> are seeing a CDP packet
> from the phone before they allow traffic on that
> voice vlan. It is baby
> steps until some newer features come out in the
> future. The best one off the
> top of my head is on the CatOS on the 6k (8.3.(4) I
> think), it uses a
> command called CDP verify to check this, otherwise
> traffic is blocked.
More information about the Voipsec