Cisco Catalyst 3750-E Software Configuration Manual page 805
Hide thumbs
Also See for Catalyst 3750-E:
- Getting started manual (27 pages) ,
- Product support bulletin (6 pages) ,
- Configuration handbook (359 pages)
Table of Contents
Advertisement
Configuring Network Security with ACLs
This chapter describes how to configure network security on the Catalyst 3750-E or 3560-E switch by
using access control lists (ACLs), which in commands and tables are also referred to as access lists.
Unless otherwise noted, the term switch refers to a Catalyst 3750-E or 3560-E standalone switch and to
a Catalyst 3750-E switch stack.
Information in this chapter about IP ACLs is specific to IP Version 4 (IPv4). For information about IPv6
Note
ACLs, see
For complete syntax and usage information for the commands used in this chapter, see the command
reference for this release, see the "Configuring IP Services" section in the "IP Addressing and Services"
chapter of the Cisco IOS IP Configuration Guide, Release 12.2, and the Cisco IOS IP Command
Reference, Volume 1 of 3: Addressing and Services, Release 12.2.
Catalyst 3750-E and 3560-E switches also support Cisco TrustSec Security Group Tag (SCT) Exchange
Protocol (SXP). This feature supports security group access control lists (SGACLs), which define ACL
policies for a group of devices instead of an IP address. The SXP control protocol allows tagging packets
with SCTs without a hardware upgrade, and runs between access layer devices at the Cisco TrustSec
domain edge and distribution layer devices within the Cisco TrustSec domain. Catalyst 3750-E and
3560-E switches operate as access layer switches in the Cisco TrustSec network.
For more information about Cisco TrustSec, see the "Cisco TrustSec Switch Configuration Guide" at this
URL:
http://www.cisco.com/en/US/docs/switches/lan/trustsec/configuration/guide/trustsec.html
The sections on SXP define the capabilities supported on the Catalyst 3750-E and 3560-E switches.
This chapter consists of these sections:
•
Understanding ACLs, page 35-2
•
Configuring IPv4 ACLs, page 35-7
Creating Named MAC Extended ACLs, page 35-28
•
Configuring VLAN Maps, page 35-31
•
Using VLAN Maps with Router ACLs, page 35-37
•
Displaying IPv4 ACL Configuration, page 35-41
•
OL-9775-08
Chapter 36, "Configuring IPv6 ACLs."
C H A P T E R
Catalyst 3750-E and 3560-E Switch Software Configuration Guide
35
35-1
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
