[VOIPSEC] VoIP Blocking Filter w/Ettercap
Troy Sherman
tsherman at cisco.com
Sun Jul 31 23:16:20 CDT 2005
Nope, not just the smartports stuff, although that is some good stuff :)
It is only on catos version 8.4 -
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_8_4/cmd_ref/s
et_po_r.htm#wp1235003
It is called cdpverify, one word, took me a while to re-find it :)
Some of the switches do not allow traffic until they see cdp, the one's that
I have tested are the 3750, but it is not on all platforms currently.
Ciao,
Troy Sherman
JAG 1024
-----Original Message-----
From: Erick Bergquist [mailto:ebergquist at ameritech.net]
Sent: Saturday, July 30, 2005 2:36 PM
To: Troy Sherman; 'Michael Todd'
Cc: Voipsec at voipsa.org; 'Credland, Jim'
Subject: RE: [VOIPSEC] VoIP Blocking Filter w/Ettercap
Troy,
On the Verifying of CDP comment below, are you
refering to the SmartPort macro commands (qos trust
ciscoipphone, etc) or something else? I tried
searching for a CDP verify command, etc but the qos
trust commands are closest I am finding.
Thanks.
--- Troy Sherman <tsherman at cisco.com> wrote:
> THS - Some switches now look at CDP (I know, but
> more difficult, do not
> remember the IOS versions) to make sure that they
> are seeing a CDP packet
> from the phone before they allow traffic on that
> voice vlan. It is baby
> steps until some newer features come out in the
> future. The best one off the
> top of my head is on the CatOS on the 6k (8.3.(4) I
> think), it uses a
> command called CDP verify to check this, otherwise
> traffic is blocked.
More information about the Voipsec
mailing list