Table of Contents
Advertisement
Chapter 7
Cisco TrustSec Command Summary
cts role-based policy trace
To troubleshoot SGT and SGACL behavior in TrustSec network devices, use the cts role-based policy
trace privileged EXEC command.
Syntax Description
ipv4 | ipv6
ip_port_num | icmp | ip
| tcp | udp
source_host ip_address Specifies the IP address of the source host.
OL-22192-01
cts role-based policy trace {ipv4 | ipv6} {tcp | udp} source_host ip_address eq {protocol name |
wellknown_port_num} dest_host ip_address eq {protocol name | wellknown_port_num}
[interface type slot/port | security-group {sgname sg_name | sgt sgt_num} | vlan vlan_id | vrf
vrf_name]
cts role-based policy trace {ipv4 | ipv6} {ip_port_num | icmp | ip} source_host ip_address
dest_host ip_address [interface type slot/port | security-group {sgname sg_name | sgt
sgt_num} | vlan vlan_id | vrf vrf_name]
Specifies IPv4 or IPv6 IP encapsulation.
Specifies the Internet Protocol or its number. Supported protocols and their
IP numbers are as follows:
0 to 255—Range of possible Internet Protocol numbers.
icmp—Internet Control Message Protocol
ip—Any Internet Protocol
tcp—Transmission Control Protocol
udp—User Datagram Protocol
cts role-based policy trace
Cisco TrustSec Configuration Guide
7-25
Hide quick links:
Advertisement
Table of Contents
