
Cisco Systems, Inc.
All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 27 of 42
Access Control Lists (ACLs)
Cisco Catalyst 6500 Series running Hybrid OS support the following types of ACLs:
• IOS Routing ACLs (RACLs) provide access control for routed traffic between VLANs. Standard and extended
IOS ACLs are configured on the input and output of router interfaces and, as such, are applied to routed packets.
The use of IOS ACLs requires both a PFCx and an MSFCx on the Cisco Catalyst 6500 Series.
• VLAN ACLs (VACLs) provide access control based on Layer 3 or Layer 4 information for IP or IPX protocols.
A VACL is applied to all packets (bridged and routed) on a VLAN and can be configured on any VLAN interface.
VACL functionality requires a PFCx.
• QoS ACLs are used to identify ingress traffic which should be marked or policed upon entering a port or VLAN.
QoS ACL functionality requires a PFCx.
IOS RACLs have the same implementation in Hybrid as in Cisco IOS (whether on the Cisco Catalyst 6500 or any
other IOS router). QoS ACLs for both operating systems are covered in the QoS section of this white paper. This
section describes the differences between the VACL implementation in CatOS and Cisco IOS Software.
VLAN Access Control Lists (VACLs)
For CatOS, configuring a security ACL statement creates a VACL. This statement is used to configure all match and
action parameters for the security policy.
The VACL configuration in Cisco IOS is based on the traditional IOS ACL implementation. That is, it relies on the
IOS access-list command to define the traffic matching parameters. From there, all configuration (including ACL
reference and action) is done from the “vlan access-map” configuration mode. Although the Cisco IOS action is a
CLI concept which is not present in CatOS, it provides similar capture, log, and redirect functionality. Refer to the
user documentation for specifics on these options. The following provides a general comparison of VACL
configuration in CatOS and in Cisco IOS.
Note:
When creating a VACL in IOS, an SVI for that VLAN interface is created. While this interface is required, it
is not necessary for the interface to be configured or even in an “up” state for the VACL to operate properly.
When an ACL is created, modified, or deleted, the changes exist temporarily in an edit buffer in memory. CatOS
requires that the ACL be committed for it to take effect. Cisco IOS Software does not utilize the edit buffer concept.
Once a policy has been built in IOS, it must then be mapped to a VLAN or interface for that ACL to take effect.
CatOS:
    set vlan 10
    set security acl ip sample permit ip any
    commit security acl sample
    set security acl map sample 10

Cisco IOS Software:
    vlan 10
    access-list 101 permit ip any any
    vlan access-map sample
     match ip address 101
     action forward
    vlan filter sample vlan-list 10
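The comparison above shows the failure mode the text warns about for Cisco IOS: the access-map exists once it is built, but it does nothing until "vlan filter" applies it to a VLAN, and it can only work if the access-list it matches on is defined. The following script is an added example and is not part of the Cisco white paper; it parses a running-config as plain text with regular expressions (an assumption about the input, not a Cisco tool or API) and reports access-maps that are never applied, access-maps that reference undefined ACLs, and filters that name a missing access-map. The configuration it checks is constructed for illustration.

```python
"""Check that Cisco IOS VACL configuration is actually in effect.

Added example; it is not part of the Cisco white paper. It implements the
point the paper makes for Cisco IOS: a 'vlan access-map' does nothing until a
'vlan filter' applies it to a VLAN, and each 'match ip address' must name an
access-list that exists. The configuration text below is constructed.
"""
import re

# Constructed sample running-config: access-map "sample" is applied to VLAN 10,
# "orphan" is built but never filtered, and "broken" references a missing ACL.
SAMPLE_CONFIG = """\
vlan 10
vlan 20
access-list 101 permit ip any any
access-list 102 permit ip 10.0.0.0 0.255.255.255 any
vlan access-map sample 10
 match ip address 101
 action forward
vlan access-map orphan 10
 match ip address 102
 action drop
vlan access-map broken 10
 match ip address 199
 action forward
vlan filter sample vlan-list 10
"""

ACL_RE = re.compile(r"^access-list (\d+) ")
NAMED_ACL_RE = re.compile(r"^ip access-list (?:standard|extended) (\S+)")
MAP_RE = re.compile(r"^vlan access-map (\S+)")
MATCH_RE = re.compile(r"^\s+match ip address (.+)$")
FILTER_RE = re.compile(r"^vlan filter (\S+) vlan-list (.+)$")


def parse_vacls(config):
    """Return (acls, maps, filters) parsed from IOS config text.

    acls    - set of ACL numbers/names that are defined
    maps    - dict: access-map name -> set of ACL identifiers it matches on
    filters - dict: access-map name -> vlan-list it is applied to
    """
    acls, maps, filters = set(), {}, {}
    current_map = None
    for line in config.splitlines():
        if not line.strip():
            continue
        if line.startswith(" "):
            # Indented lines belong to the access-map sequence opened above;
            # 'match ip address' may list several ACLs on one line.
            m = MATCH_RE.match(line)
            if m and current_map is not None:
                maps[current_map].update(m.group(1).split())
            continue
        current_map = None
        if m := (ACL_RE.match(line) or NAMED_ACL_RE.match(line)):
            acls.add(m.group(1))
        elif m := MAP_RE.match(line):
            current_map = m.group(1)
            maps.setdefault(current_map, set())
        elif m := FILTER_RE.match(line):
            filters[m.group(1)] = m.group(2).strip()
    return acls, maps, filters


def audit_vacls(config):
    """Return a list of findings; an empty list means every access-map is
    applied to a VLAN and every ACL it references is defined."""
    acls, maps, filters = parse_vacls(config)
    findings = []
    for name in sorted(maps):
        if name not in filters:
            findings.append(
                f"access-map '{name}' is defined but never applied with 'vlan filter'")
        for acl in sorted(maps[name]):
            if acl not in acls:
                findings.append(
                    f"access-map '{name}' matches on ACL '{acl}', which is not defined")
    for name in sorted(filters):
        if name not in maps:
            findings.append(
                f"'vlan filter {name}' applies an access-map that is not defined")
    return findings


if __name__ == "__main__":
    for finding in audit_vacls(SAMPLE_CONFIG):
        print(finding)
```

Run against the constructed configuration, the audit reports that "broken" is never applied and references ACL 199, which does not exist, and that "orphan" is never applied; "sample" passes because it is both defined and filtered onto VLAN 10. The equivalent CatOS pitfall, an ACL left uncommitted in the edit buffer, does not show up in saved configuration at all, which is why the check targets IOS text.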