Table of Contents
Advertisement
Manually Configuring IP-Address-to-SGT Mapping
Command
Step 7
[no] shutdown
Example:
TS_switch(config-if)# no shutdown
Step 8
exit
Example:
TS_switch(config-if)# exit
TS_switch(config)#
Step 9
cts role-based sgt-map vlan-list vlan_id
sgt sgt_number
Example:
TS_switch(config)# cts role-based sgt-map
vlan-list 100 sgt 10
Step 10
ip device tracking probe [count count |
delay seconds | interval length]
Example:
TS-switch(config)# ip device tracking
Step 11
exit
Example:
TS_switch(config)# exit
TS_switch#
Step 12
show cts role-based sgt-map {ipv4_netaddr
| ipv4_netaddr/prefix | ipv6_netaddr|
ipv6_netaddr/prefix | all [ipv4 | ipv6] |
host {ipv4__addr | ipv6_addr} | summary
[ipv4 | ipv6]
Example:
TS_switch# cts role-based sgt-map all
Cisco TrustSec Configuration Guide
3-18
Chapter 3
Configuring Identities, Connections, and SGTs
Purpose
Enables the SVI.
Exits VLAN Interface Configuration mode into
Global Configuration mode.
Assigns the specified SGT to the specified VLAN.
Enables IP device tracking. When active hosts are
detected, the switch adds the following entries to an
IP Device Tracking table:
IP address of host
•
MAC address of host
•
VLAN of the host
•
•
The interface on which the switch detected the
host
The state of the host (Active or Inactive)
•
The host added to the IP Device Tracking table is
monitored with periodic ARP probes. Hosts that fail
to respond are removed from the table.
Exits Global configuration mode.
(Optional) Displays the VLAN to SGT mappings.
OL-22192-02
Hide quick links:
Advertisement
Table of Contents
