Propagate Sgt (Cts Manual) - Cisco Catalyst 3650 series Command Reference Manual

propagate sgt (cts manual)

To enable Security Group Tag (SGT) propagation at Layer 2 on Cisco TrustSec Security (CTS) interfaces,
use the propagate sgt command in interface configuration mode. To disable SGT propagation, use the no
form of this command.
propagate sgt
Syntax Description
This command has no arguments or keywords.
Command Default
SGT processing propagation is enabled.
Command Modes
CTS manual interface configuration mode (config-if-cts-manual)
Command History
Release
Cisco IOS XE Denali 16.3.1
Usage Guidelines
SGT processing propagation allows a CTS-capable interface to accept and transmit a CTS Meta Data (CMD)
based L2 SGT tag. The no propagate sgt command can be used to disable SGT propagation on an interface
in situations where a peer device is not capable of receiving an SGT, and as a result, the SGT tag cannot be
put in the L2 header.
Examples The following example shows how to disable SGT propagation on a manually-configured TrustSec-capable
interface:
Switch# configure terminal
Switch(config)# interface gigabitethernet 0
Switch(config-if)# cts manual
Switch(config-if-cts-manual)# no propagate sgt
The following example shows that SGT propagation is disabled on Gigabit Ethernet interface 0:
Switch#show cts interface brief
Global Dot1x feature is Disabled
Interface GigabitEthernet0:
CTS is enabled, mode:
IFC state:
Authentication Status:
Peer identity:
Peer's advertised capabilities: ""
Authorization Status:
SAP Status:
Propagate SGT:
Cache Info:
Cache applied to link : NONE
Modification
This command was introduced.
MANUAL
OPEN
NOT APPLICABLE
"unknown"
NOT APPLICABLE
NOT APPLICABLE
Disabled
Command Reference, Cisco IOS XE Everest 16.5.1a (Catalyst 3650 Switches)
propagate sgt (cts manual)
793