Cabletron Systems SSIM-R8-02 Spécifications Page 324
- Page / 394
- Table des matières
- DEPANNAGE
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
Layer-2 Security Filters
304 Enterasys Xpedition User Reference Manual
Destination filter: No one from the engineering group (port et.1.1) should be allowed to
access the finance server. All traffic destined to the finance server’s MAC will be dropped.
Flow filter: Only the consultant is restricted access to one of the finance file servers. Note
that port et.1.1 should be operating in flow-bridging mode for this filter to work.
Static Entries Example
Source static entry: The consultant is only allowed to access the engineering file servers
on port et.1.2.
Destination static entry: Restrict “login multicasts” originating from the engineering
segment (port et.1.1) from reaching the finance servers.
or
Flow static entry: Restrict “login multicasts” originating from the consultant from
reaching the finance servers.
Port-to-Address Lock Examples
You have configured some filters for the consultant on port et.1.1 If the consultant plugs
his laptop into a different port, he will bypass the filters. To lock him to port et.1.1, use the
following command:
filters add address-filter name finance dest-mac AABBCC:DDEEFF vlan 1 in-port-list et.1.1
filters add address-filter name consult-to-finance source-mac 001122:334455 dest-mac
AABBCC:DDEEFF vlan 1 in-port-list et.1.1
filters add static-entry name consultant source-mac 001122:334455 vlan 1 in-port-list et.1.1 out-port-list
et.1.2 restriction allow
filters add static-entry name login-mcasts dest-mac 010000:334455 vlan 1 in-port-list et.1.1 out-port-list
et.1.3 restriction disallow
filters add static-entry name login-mcasts dest-mac 010000:334455 vlan 1 in-port-list et.1.1 out-port-list
et.1.2 restriction allow
filters add static-entry name consult-to-mcasts source-mac 001122:334455 dest-mac 010000:334455 vlan 1
in-port-list et.1.1 out-port-list et.1.3 restriction disallow
filters add port-address-lock name consultant source-mac 001122:334455 vlan 1 in-port-list et.1.1
- 8VHU5HIHUHQFH0DQXDO 1
- 1
- ENTERASYS NETWORKS, INC 3
- PROGRAM LICENSE AGREEMENT 3
- DECLARATION OF CONFORMITY 5
- Contents 10
- Chapter 1 21
- Introduction 21
- Document Conventions 22
- Getting Help 22
- Chapter 2 25
- Maintaining 25
- Configuration Files 25
- Configuration File 29
- Configuring System Settings 33
- Configuring a Log-in Banner 34
- Chapter 3 35
- Using the CLI 35
- Command Modes 36
- Establishing Telnet Sessions 37
- Setting CLI Parameters 37
- ↑ key, the CLI displays the 38
- Line Editing Commands 40
- Command Resulting Action 41
- Port Names 42
- Chapter 4 45
- Hot Swapping Line 45
- Cards and Control 45
- Hot Swapping Line Cards 46
- Removing the Line Card 47
- Installing a New Line Card 47
- Removing the Control Module 49
- Installing a Control Module 49
- Offline LED 50
- Hot Swap Button 50
- Chapter 5 53
- Bridging 53
- VLAN Overview 54
- XP VLAN Support 56
- Configuring Spanning Tree 60
- Configuring VLAN Trunk Ports 63
- Configuring Layer-2 Filters 64
- Monitoring Bridging 65
- VLAN ID 5 66
- Chapter 6 67
- SmartTRUNK 67
- Configuring SmartTRUNKs 68
- Monitoring SmartTRUNKs 69
- Chapter 7 73
- ATM Configuration 73
- Virtual Channels 74
- Service Profile Definition 74
- Cell Scrambling 77
- ATM port 78
- Cell Mapping 79
- Creating a Non-Zero VPI 80
- ATM Sample Configuration 1 85
- Creating a Virtual Channel 86
- Configuring an IP Route 87
- ATM Sample Configuration 2 89
- Chapter 8 95
- Packet-over-SONET 95
- Monitoring PoS Ports 100
- Example Configurations 101
- Chapter 9 105
- Configuration Guide 105
- Configuring Client Parameters 106
- Configuring DHCP 107
- Updating the Lease Database 108
- Monitoring the DHCP Server 108
- DHCP Configuration Examples 109
- Configuring Secondary Subnets 110
- Interacting with Relay Agents 112
- Chapter 10 115
- IP Routing 115
- Multicast Routing Protocols 116
- Configuring Jumbo Frames 118
- Configuring DNS Parameters 122
- Configuring IP Helper 122
- Configuring Direct Broadcast 123
- Monitoring IP Parameters 124
- Configuring Router Discovery 125
- Configuration Examples 128
- Chapter 11 129
- Basic VRRP Configuration 130
- Symmetrical Configuration 131
- Multi-Backup Configuration 133
- 10.0.0.1/16 134
- 10.0.0.2/16 134
- 10.0.0.3/16 134
- Additional Configuration 138
- Monitoring VRRP 139
- VRRP Configuration Notes 142
- Chapter 12 145
- RIP Configuration 145
- Enabling and Disabling RIP 146
- Configuring RIP Interfaces 146
- Configuring RIP Parameters 146
- Monitoring RIP 148
- Configuration Example 149
- Chapter 13 151
- OSPF Configuration 151
- Configuring OSPF 152
- Enabling OSPF 153
- Configuring an OSPF Area 155
- Creating Virtual Links 156
- Monitoring OSPF 158
- OSPF Configuration Examples 160
- A r e a 150.20.0.0 163
- Chapter 14 165
- BGP Configuration 165
- Basic BGP Tasks 166
- Setting the Router ID 167
- Configuring a BGP Peer Group 167
- Starting BGP 169
- BGP Configuration Examples 172
- BGP Peering Session Example 173
- IBGP Configuration Example 175
- AS-64801 177
- IBGP Internal Group Example 179
- 17.122.128.2/24 180
- 17.122.128.1/24 180
- Community Attribute Example 185
- Physical Link 187
- Peering Relationship 187
- Information Flow 187
- Local Preference Examples 191
- AS-64900 192
- AS-64901 192
- EBGP EBGP 192
- EBGP Aggregation Example 195
- Route Reflection Example 196
- 192.68.222.1 197
- 192.68.20.2 197
- 192.68.20.1 197
- 172.16.30.2 197
- Chapter 15 201
- Routing Policy 201
- Preference 202
- Import Policies 203
- Export Policies 204
- Specifying a Route Filter 205
- Aggregates and Generates 206
- Authentication 208
- Redistributing Static Routes 210
- Redistributing RIP into RIP 211
- Redistributing RIP into OSPF 211
- Redistributing OSPF to RIP 211
- Creating an Export Source 217
- Creating an Import Source 218
- Creating a Route Filter 218
- Creating an Aggregate Route 219
- Creating an Aggregate Source 220
- Examples of Import Policies 220
- Figure 19. Exporting to RIP 221
- Examples of Export Policies 227
- Chapter 16 237
- Multicast Routing 237
- DVMRP Overview 238
- Configuring IGMP 239
- Configuring DVMRP 240
- Starting and Stopping DVMRP 241
- Configuring DVMRP Parameters 241
- Monitoring IGMP & DVMRP 243
- Chapter 17 247
- IP Policy-Based 247
- Forwarding 247
- Configuring IP Policies 248
- Firewall Load Balancing 254
- Monitoring IP Policies 255
- Chapter 18 259
- Chapter 19 259
- Network Address 259
- Translation 259
- Configuring NAT 260
- Forcing Flows through NAT 261
- Managing Dynamic Bindings 262
- NAT and DNS 262
- NAT and ICMP Packets 263
- NAT and FTP 263
- Monitoring NAT 264
- Dynamic Configuration 265
- Dynamic NAT with DNS 268
- Chapter 20 271
- Web Hosting 271
- Load Balancing 272
- Session Persistence 273
- Persistence 274
- Default Binding 274
- Setting Server Status 278
- Load Balancing and FTP 278
- Real Server 281
- TCP Port 281
- Destination 283
- Server IP 283
- Web Caching 284
- Other Configurations 286
- Monitoring Web-Caching 288
- Chapter 21 289
- IPX Routing 289
- IPX Routing Overview 290
- Configuring IPX RIP & SAP 291
- IPX Addresses 292
- Configuring IPX Routing 293
- Enabling SAP 294
- Configuring Static Routes 294
- Monitoring an IPX Network 297
- Chapter 22 299
- Access Control List 299
- ACL Basics 300
- How ACL Rules are Evaluated 302
- Implicit Deny Rule 302
- Creating and Modifying ACLs 304
- Editing ACLs Offline 305
- Using ACLs 306
- Applying ACLs to Services 307
- Using ACLs as Profiles 308
- Enabling ACL Logging 313
- Monitoring ACLs 314
- Chapter 23 315
- Security 315
- Configuring RADIUS 316
- Configuring TACACS 317
- Configuring TACACS Plus 317
- Layer-2 Security Filters 319
- Layer-2 Filter Examples 323
- Chapter 24 331
- QoS Configuration 331
- Precedence for Layer-3 Flows 333
- XP Queuing Policies 333
- Configuring Layer-2 QoS 334
- 802.1p Priority Mapping 334
- Configuring IP QoS Policies 336
- Configuring IPX QoS Policies 337
- ToS Rewrite 339
- Monitoring QoS 342
- Limiting Traffic Rate 343
- Per-Flow Rate Limiting 344
- Port Rate Limiting 344
- Aggregate Rate Limiting 345
- Chapter 25 349
- Performance 349
- Monitoring Guide 349
- Monitoring Broadcast Traffic 351
- Chapter 26 353
- Configuring and Enabling RMON 354
- RMON Groups 355
- Control Tables 357
- Using RMON 358
- Configuring RMON Groups 359
- Displaying RMON Information 362
- RMON CLI Filters 363
- Troubleshooting RMON 365
- Allocating Memory to RMON 367
- Chapter 27 369
- LFAP Configuration 369
- Chapter 28 373
- WAN Configuration 373
- Configuring WAN Interfaces 374
- Forcing Bridged Encapsulation 376
- Packet Compression 376
- WAN Overview 377
- Packet Encryption 378
- WAN Quality of Service 378
- Frame Relay Overview 380
- Virtual Circuits 381
- Configuring PPP Interfaces 385
- Monitoring PPP WAN Ports 387
- PPP Port Configuration 388
- WAN Configuration Examples 389
- Router R1 Configuration File 391
- Router R2 Configuration File 391
- Router R3 Configuration File 392
- Router R4 Configuration File 392
- Router R5 Configuration File 393
- Router R6 Configuration File 393
Produits connexes et manuels pour Mise en réseau Cabletron Systems SSIM-R8-02
(190 pages)
(19 pages)
(396 pages)© 2020, manymanuals.fr. Tous droits réservés | 0.057 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels