Cisco CSS 11501 Getting Started Guide - Page 61

Chapter 2 Configuring CSS Basics Configuring the Ethernet Management Port To disable the default gateway and set it to an IP address of 0.0.0.0, use the no form of the gateway address command. For example: config-boot)# no gateway address A default gateway of 0.0.0.0 for the Ethernet management port does not appear in the show boot-config command output for the CSS boot configuration. Discarding ICMP Redirects on the Ethernet Management Port By default, the Ethernet management port accepts all incoming ICMP redirects. If you do not configure static routes for the management port, the CSS disregards any ICMP redirect packets. However, when you configure static routes for the management port, the CSS incorporates the ICMP redirects to the port as an entry in the routing table. To enhance security on the CSS when you configure static routes on the management port, we strongly recommend that you configure the CSS management port to discard ICMP redirects. Note The Ethernet management port never transmits an ICMP redirect. If you remove a static route when the management port is configured to accept ICMP redirect packets, the CSS removes from the routing table the router entry created by the ICMP redirects associated with the static route. To configure the CSS to discard ICMP redirect packets on the Ethernet management port, enter: (config)# ip management no-icmp-redirect To reset the default behavior of accepting ICMP redirect packets on the Ethernet management port, enter: (config)# no ip management no-icmp-redirect To view whether the management port accepts or discards ICMP redirect packets, use the show ip configuration command to display the IP Management Port ICMP redirect field. When the port accepts ICMP redirects, the field entry displays enable. When the port discards ICMP redirects, the field entry displays disable. OL-6037-01 Cisco Content Services Switch Getting Started Guide 2-13