Reference Guide
Page 4
Contents SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide ... Device Health 28 Chapter 3: Managing Power-over-Ethernet Devices 31 DefiningPoE System Information 31 Chapter 4: Configuring Device Security 37 Passwords Management 38 Defining User Authentication 38 Defining Authentication 40 Defining Profiles 40 Mapping ...Defining Access Control 75 Defining MAC Based ACL 75 Defining IP Based ACL 77 Defining ACL Binding 84 Defining DOS Prevention 85 Global Settings 85 Defining Martian Addresses 87 Chapter 5: Configuring Device Interfaces 89 Defining Port Settings...
Contents SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide ... Device Health 28 Chapter 3: Managing Power-over-Ethernet Devices 31 DefiningPoE System Information 31 Chapter 4: Configuring Device Security 37 Passwords Management 38 Defining User Authentication 38 Defining Authentication 40 Defining Profiles 40 Mapping ...Defining Access Control 75 Defining MAC Based ACL 75 Defining IP Based ACL 77 Defining ACL Binding 84 Defining DOS Prevention 85 Global Settings 85 Defining Martian Addresses 87 Chapter 5: Configuring Device Interfaces 89 Defining Port Settings...
Reference Guide
Page 83
... user-defined MAC based ACLs. • Remove ACL - ACEs can be added only if the ACL is not bound to be defined. The MAC Based ACL Page opens: MAC Based ACL Page The MAC Based ACL Page contains the following pages: • Defining MAC Based ACL • Defining IP Based ACL • Defining ACL Binding Defining MAC Based ACL The MAC Based ACL Page page allows a MAC- Chapter SGE2000/SGE2000P Gigabit...
... user-defined MAC based ACLs. • Remove ACL - ACEs can be added only if the ACL is not bound to be defined. The MAC Based ACL Page opens: MAC Based ACL Page The MAC Based ACL Page contains the following pages: • Defining MAC Based ACL • Defining IP Based ACL • Defining ACL Binding Defining MAC Based ACL The MAC Based ACL Page page allows a MAC- Chapter SGE2000/SGE2000P Gigabit...
Reference Guide
Page 84
...values are : 76 Chapter 4: Configuring Device Security Defining Access Control Matches the destination MAC address to which ACE is matched to a packet on a first-match basis. Wildcards are used to the ACE. - For example, if the source IP address 14.36.18.19.1.1 and... Mask - Matches the packet's VLAN ID to 4095. • CoS - Chapter 4 SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide Add MAC Based ACL Page The Add MAC Based ACL Page contains the following fields: • ACL Name - Matches the source MAC address to the ACE. - Wildcards are ignored. Wild ...
...values are : 76 Chapter 4: Configuring Device Security Defining Access Control Matches the destination MAC address to which ACE is matched to a packet on a first-match basis. Wildcards are used to the ACE. - For example, if the source IP address 14.36.18.19.1.1 and... Mask - Matches the packet's VLAN ID to 4095. • CoS - Chapter 4 SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide Add MAC Based ACL Page The Add MAC Based ACL Page contains the following fields: • ACL Name - Matches the source MAC address to the ACE. - Wildcards are ignored. Wild ...
Reference Guide
Page 85
... button. Defining IP Based ACL The Defining IP Based ACL page contains information for defining IP Based ACLs, including defining the ACEs defined for IP Based ACLs. 1. Permit - Drops packet that meet the ACL criteria, and disables the port to MAC Based ACL 1. The IP Based ACL Page opens: Chapter 4: Configuring Device Security 77 Defining Access Control Deny - Click Apply. Click Security Suite >Access Control > IP Based ACL. Chapter SGE2000/SGE2000P Gigabit Ethernet...
... button. Defining IP Based ACL The Defining IP Based ACL page contains information for defining IP Based ACLs, including defining the ACEs defined for IP Based ACLs. 1. Permit - Drops packet that meet the ACL criteria, and disables the port to MAC Based ACL 1. The IP Based ACL Page opens: Chapter 4: Configuring Device Security 77 Defining Access Control Deny - Click Apply. Click Security Suite >Access Control > IP Based ACL. Chapter SGE2000/SGE2000P Gigabit Ethernet...
Reference Guide
Page 86
... Path First (OSPF) protocol. - AH - OSPF - PIM - Chapter 4 SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide IP Based ACL Page The IP Based ACL Page contains the following fields: • ACL Name - IDRP - Matches the protocol to the Inter-Domain Routing Protocol (IDRP)....Matches the packet to the IP Protocol - Displays the user-defined IP based ACLs. • Remove ACL - Any - Indicates that the Enhanced Interior Gateway Routing Protocol (EIGRP) is used to Protocol Independent Multicast (PIM). 78 Chapter 4: Configuring Device Security Defining Access ...
... Path First (OSPF) protocol. - AH - OSPF - PIM - Chapter 4 SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide IP Based ACL Page The IP Based ACL Page contains the following fields: • ACL Name - IDRP - Matches the protocol to the Inter-Domain Routing Protocol (IDRP)....Matches the packet to the IP Protocol - Displays the user-defined IP based ACLs. • Remove ACL - Any - Indicates that the Enhanced Interior Gateway Routing Protocol (EIGRP) is used to Protocol Independent Multicast (PIM). 78 Chapter 4: Configuring Device Security Defining Access ...
Reference Guide
Page 87
...ACE. Matches the packet IP Precedence value to the packet matching the ACL. The Add IP Based ACL Page opens: Chapter 4: Configuring Device Security 79 Defining Access Control Indicates that all the bits are important. Mask - A wildcard of the IP address are ignored, ... assigned rate limiting restrictions for filtering ICMP packets. Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide 4 - Defines the source IP address wildcard mask. Matches the destination port IP address to which meet the ACL criteria. - Packets are addressed to the network administrator...
...ACE. Matches the packet IP Precedence value to the packet matching the ACL. The Add IP Based ACL Page opens: Chapter 4: Configuring Device Security 79 Defining Access Control Indicates that all the bits are important. Mask - A wildcard of the IP address are ignored, ... assigned rate limiting restrictions for filtering ICMP packets. Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide 4 - Defines the source IP address wildcard mask. Matches the destination port IP address to which meet the ACL criteria. - Packets are addressed to the network administrator...
Reference Guide
Page 88
...• Match DSCP - Defines the TCP/UDP source port to which packets are addressed to the DSCP tag value. 80 Chapter 4: Configuring Device Security Defining Access Control Filtered packets are as follows:. • ICMP Code - Indicates if ICMP packets are : • ICMP ... is matched to the ACE. • Dest. Chapter 4 SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide Add IP Based ACL Page The Add IP Based ACL Page contains the following fields: • ACL Name - Displays the user-defined IP based ACLs. • New Rule Priority - Indicates the rule priority, ...
...• Match DSCP - Defines the TCP/UDP source port to which packets are addressed to the DSCP tag value. 80 Chapter 4: Configuring Device Security Defining Access Control Filtered packets are as follows:. • ICMP Code - Indicates if ICMP packets are : • ICMP ... is matched to the ACE. • Dest. Chapter 4 SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide Add IP Based ACL Page The Add IP Based ACL Page contains the following fields: • ACL Name - Displays the user-defined IP based ACLs. • New Rule Priority - Indicates the rule priority, ...
Reference Guide
Page 89
... rate limiting restrictions for forwarding. Packets are : Chapter 4: Configuring Device Security 81 Defining Access Control Permit - Forwards packets which meet the ACL criteria. - Defining Rules Associated with IP-ACL Page contains the following fields: • ACL Name - Displays the user-defined IP based ACLs. • New Rule Priority - Matches the packet IP Precedence value to the packet matching the...
... rate limiting restrictions for forwarding. Packets are : Chapter 4: Configuring Device Security 81 Defining Access Control Permit - Forwards packets which meet the ACL criteria. - Defining Rules Associated with IP-ACL Page contains the following fields: • ACL Name - Displays the user-defined IP based ACLs. • New Rule Priority - Matches the packet IP Precedence value to the packet matching the...
Reference Guide
Page 90
... > IP Based ACL. ICMP packets that meets the ACL criteria, and disables the port to the ACE. • Match DSCP - IP Address - Matches the packet IP Precedence value to the packet matching the ACL. Defines...IP Based Rule 1. Matches the packet to which meet the ACL criteria. - Filters packets by ICMP message type can be filtered by the ICMP message code. • IGMP - Chapter 4 SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide • ICMP - Deny - The possible field range is 0 65535. • Action - The Add IP Based Rule Page opens: 82 Chapter 4: Configuring...
... > IP Based ACL. ICMP packets that meets the ACL criteria, and disables the port to the ACE. • Match DSCP - IP Address - Matches the packet IP Precedence value to the packet matching the ACL. Defines...IP Based Rule 1. Matches the packet to which meet the ACL criteria. - Filters packets by ICMP message type can be filtered by the ICMP message code. • IGMP - Chapter 4 SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide • ICMP - Deny - The possible field range is 0 65535. • Action - The Add IP Based Rule Page opens: 82 Chapter 4: Configuring...
Reference Guide
Page 91
...filtered by IGMP message or message types. • Source IP Address - Indicates and ICMP message code for filtering ICMP packets. Matches the packet to the ACE. • Dest. Chapter 4: Configuring Device Security 83 Defining Access Control This field is active only... packets are selected in the Select from List drop-down menu. IP Address - Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide 4 Add IP Based Rule Page The Add IP Based Rule Page contains the following fields: • ACL Name - Indicates the rule priority, which determines which the ACE ...
...filtered by IGMP message or message types. • Source IP Address - Indicates and ICMP message code for filtering ICMP packets. Matches the packet to the ACE. • Dest. Chapter 4: Configuring Device Security 83 Defining Access Control This field is active only... packets are selected in the Select from List drop-down menu. IP Address - Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide 4 Add IP Based Rule Page The Add IP Based Rule Page contains the following fields: • ACL Name - Indicates the rule priority, which determines which the ACE ...
Reference Guide
Page 218
...Configuring Quality of the user-defined ACLs. 2. Contains a list of Service Defining Advanced Mode Contains a list of the user-defined ACLs. • Match -Criteria used to match IP addresses and /or MAC addresses with an ACL's address.The possible field values are: - Or - And - Both the MAC-based and the IP-based ACL... must match a packet. • ACL2 - Selects an existing Class Map by name. • ACL1 - Either the MAC-based or the IP-based ACL must match a packet. - 12 Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference...
...Configuring Quality of the user-defined ACLs. 2. Contains a list of Service Defining Advanced Mode Contains a list of the user-defined ACLs. • Match -Criteria used to match IP addresses and /or MAC addresses with an ACL's address.The possible field values are: - Or - And - Both the MAC-based and the IP-based ACL... must match a packet. • ACL2 - Selects an existing Class Map by name. • ACL1 - Either the MAC-based or the IP-based ACL must match a packet. - 12 Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference...
Reference Guide
Page 219
... to IP based ACLs. 3. IP Based ACLs - And - Click Apply. Or - Either the MAC-based or the IP-based ACL must match a packet. - Matches packets to MAC based ACLs first, then matches packets to match IP addresses and /or MAC addresses with an ACL's address.The possible field values are: - Matches packets to IP based ACLs first, then matches packets to an IP based ACL or a MAC based ACL. Chapter 12: Configuring Quality...
... to IP based ACLs. 3. IP Based ACLs - And - Click Apply. Or - Either the MAC-based or the IP-based ACL must match a packet. - Matches packets to MAC based ACLs first, then matches packets to match IP addresses and /or MAC addresses with an ACL's address.The possible field values are: - Matches packets to IP based ACLs first, then matches packets to an IP based ACL or a MAC based ACL. Chapter 12: Configuring Quality...
Configuration Guide
Page 76
...TCP port number: 33000 Step 7: Configuring Access Control Lists (ACLs) The SCE 2000 can be configured. Type the TCP port number of the RDR-formatter destination and press Enter. 3. Would you like to enter the DNS configuration menu? [no]: yEnable IP DNS-based hostname translation? [yes]: Enter default.... SUMMARY STEPS 1. Enter RDR-formatter destination's IP address: Note that there is pcube.com, and the IP address of the management interfaces. 5-12 Cisco SCE 2000 4xGBE Installation and Configuration Guide OL-7824-06 Type the IP address of the RDR-formatter destination and press ...
...TCP port number: 33000 Step 7: Configuring Access Control Lists (ACLs) The SCE 2000 can be configured. Type the TCP port number of the RDR-formatter destination and press Enter. 3. Would you like to enter the DNS configuration menu? [no]: yEnable IP DNS-based hostname translation? [yes]: Enter default.... SUMMARY STEPS 1. Enter RDR-formatter destination's IP address: Note that there is pcube.com, and the IP address of the management interfaces. 5-12 Cisco SCE 2000 4xGBE Installation and Configuration Guide OL-7824-06 Type the IP address of the RDR-formatter destination and press ...