Table of Contents
Advertisement
Manually Configuring IP-Address-to-SGT Mapping
Command
Step 4
[no] cts role-based sgt-map
ipv6_address::prefix sgt number
Example:
switch(config)# cts role-based sgt-map
2020::/64 sgt 1234
Step 5
exit
Example:
switch(config)# exit
switch#
Step 6
show running-config | include search_string
Example:
switch# show running-config | include sgt 1234
switch# show running-config | include network-map
Step 7
copy running-config startup-config
Example:
switch# copy running-config startup-config
Cisco TrustSec Configuration Guide
3-14
Chapter 3
Configuring Identities, Connections, and SGTs
Purpose
(IPv6) Specifies a subnet in colon hexadecimal
notation. Use the [no] form of the command to
unconfigure the Subnet to SGT mapping.
The number of bindings specified in Step 2 should
match or exceed the number of host addresses in the
subnet (excluding network and broadcast
addresses). The sgt number keyword specifies the
Security Group Tag to be bound to every host
address in the specified subnet.
ipv6_address—Specifies IPv6 network address
•
in colon hexadecimal notation.
prefix—(0 to128). Specifies the number of bits
•
in the network address.
sgt number—(0 to 65,535). Specifies the
•
Security Group Tag (SGT) number.
Exits global configuration mode.
Verifies that the cts role-based sgt-map and the
cts sxp mapping network-map commands are in
the running configuration.
Copies the running configuration to the startup
configuration.
OL-22192-02
Hide quick links:
Advertisement
Table of Contents
