Table of Contents
Advertisement
Configuring SGT Exchange Protocol over TCP
(SXP) and Layer 3 Transport
Revised: May 28, 2010, OL-22192-01
You can use the SGT Exchange Protocol (SXP) to propagate the SGTs across network devices that do
not have hardware support for Cisco TrustSec. This section describes how to configure Cisco TrustSec
SXP on switches in your network.
This section includes the following topics:
•
•
•
•
•
•
•
•
•
•
•
Cisco TrustSec SGT Exchange Protocol Feature Histories
For a list of supported TrustSec features per platform and the minimum required IOS release, see
the Cisco TrustSec Platform Support Matrix at the following URL: (final URL posted with TS 4.0)
http://www.cisco.com/en/US/solutions/ns170/ns896/ns1051/trustsec_matrix.html
Otherwise, see product release notes for detailed feature introduction information.
OL-22192-01
Cisco TrustSec SGT Exchange Protocol Feature Histories, page 4-1
Configuring Cisco TrustSec SXP, page 4-2
Configuring the Default SXP Password, page 4-4
Configuring the Default SXP Source IP Address, page 4-4
Changing the SXP Reconciliation Period, page 4-5
Changing the SXP Retry Period, page 4-5
Creating Syslogs to Capture Changes of IP Address to SGT Mapping Learned Through SXP,
page 4-5
Verifying the SXP Connections, page 4-6
Configuring Layer 3 SGT Transport Between Cisco TrustSec Domains, page 4-6
Configuring Cisco TrustSec Reflector for Cisco TrustSec-Incapable Switching Modules, page 4-8
Configuring Cisco TrustSec Caching, page 4-9
4
C H A P T E R
Cisco TrustSec Configuration Guide
4-1
Hide quick links:
Advertisement
Table of Contents
