Manuel d’utilisation Cisco Systems 7600 SERIES

24 pages 0.36 mb

Télécharger

Aller à la page of 24

Prev Next

Summary

Cisco Systems 7600 SERIES - page 1

CH A P T E R 23-1 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 23 Configuring Network Security This chapter contains n etwork security information unique to the Cisco 7600 series r outers, which supplements the network security information and procedures in these publications: • Cisco IOS Security Conf igur ...
Cisco Systems 7600 SERIES - page 2

23-2 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Hardware and Software ACL Support Wi t h t h e ip unr eachable s command en abled (which i s the default), a Sup ervisor Engine 2 drops most of the denied packets in hardware and sends only a small number of pack ets to ...
Cisco Systems 7600 SERIES - page 3

23-3 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Guidelines and Restrictio ns for Using Layer 4 Operators in ACLs • Flo ws that require logging are processed in software witho ut impacting nonlog ged flo w processing in hardware. • The forwarding rate for softw are ...
Cisco Systems 7600 SERIES - page 4

23-4 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring the Cisco IOS Firewall Feature Set Determining Logical Operation Unit Usage Logical operation units (LOUs) are registers that st ore operator-operand cou ples. All A CLs use LOUs. There can be up to 32 LOUs; ...
Cisco Systems 7600 SERIES - page 5

23-5 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring the Cisco IO S Firewall Feature Se t • Fire wall Configuration Gui delines and Restrictions, page 23-6 • Config uring CB A C on Cisco 7600 Seri es Routers, page 23-6 Cisco IOS Firewall Feature Set Support ...
Cisco Systems 7600 SERIES - page 6

23-6 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring the Cisco IOS Firewall Feature Set Note Cisco 7600 series router s support the Intrusi on Detection System Module (ID SM) (WS-X6381-IDS). Cisco 7600 serie s routers do no t support the C isco IOS fire wall I ...
Cisco Systems 7600 SERIES - page 7

23-7 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring MAC Address-Based Tra ffic Blocking Router(config-if)# exit Router(config)# interface vlan 200 Router(config-if)# ip access-group deny_ftp_c in Router(config-if)# ip access-group deny_ftp_d out Router(config- ...
Cisco Systems 7600 SERIES - page 8

23-8 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring VLAN ACLs This exampl e sho ws ho w to block all traf fic to or from MA C address 0050.3e8d.6400 in VLAN 12: Router# configure terminal Router(config)# mac-address-table static 0050.3e8d.6400 vlan 12 drop Co ...
Cisco Systems 7600 SERIES - page 9

23-9 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring VLAN ACLs is first checked against the output ACL applied to the routed interface and, if permitt ed, the VACL configured for the destinat ion VLAN is applied. If a V A CL is configured for a pack et type and ...
Cisco Systems 7600 SERIES - page 10

23-10 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring VLAN ACLs Routed Packets Figure 23-2 sh ow s ho w A CLs are applied on routed and Layer 3-switched pack ets. For routed or Layer 3-switched packets, the ACLs are applied in the follo wing order: 1. V A CL f ...
Cisco Systems 7600 SERIES - page 11

23-11 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring VLAN ACLs Multicast Packets Figure 23-3 sho ws how A CLs are applied on packets that need multicast e xpansion. F or packets that need multicast e xpansion, the AC Ls are applied in the follo wing order: 1. ...
Cisco Systems 7600 SERIES - page 12

23-12 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring VLAN ACLs • VLAN Access Map Conf iguration and V e rificat ion Examples, page 23- 15 • Config uring a Capture Port, page 23-16 VACL Configuration Overview V A CLs use standard and ext ended Cisco IOS IP ...
Cisco Systems 7600 SERIES - page 13

23-13 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring VLAN ACLs When defini ng a VLAN access map, note the follo wing syntax information: • T o insert or modify an entry , specify the map sequence number . • If you do not sp ecify the map sequence num be r ...
Cisco Systems 7600 SERIES - page 14

23-14 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring VLAN ACLs Configuring an Action Clause in a VLAN Access Map Sequence T o configure an action clause in a VLAN access map sequence, perform this task: When configuring an action clause in a VLAN access map s ...
Cisco Systems 7600 SERIES - page 15

23-15 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring VLAN ACLs When applying a VLAN access map, note the follow ing syntax informati o n: • Y ou can apply the VLAN access map to on e or more VLANs or W AN interfaces. • The vlan_list parameter can be a sing ...
Cisco Systems 7600 SERIES - page 16

23-16 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring VLAN ACLs This exampl e sho ws how to def ine and apply a VLAN ac cess map to forward IP packets. In this e xample, IP traf fic matching net_10 is for warded and al l ot her IP packets are dropped due to th ...
Cisco Systems 7600 SERIES - page 17

23-17 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring VLAN ACLs When config uring a capture port, note th e follo wing syntax information: • W ith Release 12.1(13)E and later releases, you can co nfigure an y port as a capture port. W ith earlier releases, on ...
Cisco Systems 7600 SERIES - page 18

23-18 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring TCP Interc ept These restrictions apply to V A CL logging: • Supported only with Su pervisor Engine 2. • Because of the rate-limiting func tion for redirected packets, V A CL logging counters may not be ...
Cisco Systems 7600 SERIES - page 19

23-19 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring Unicast Re verse Path Forwarding Configuring Unicast Reverse Path Forwarding These sections describe conf iguring Cisco IOS Unicast Re verse Path F orwarding (Unicast RPF): • Understanding Unicast RPF S up ...
Cisco Systems 7600 SERIES - page 20

23-20 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring Unicast Re verse Path Forwarding This e xample sho ws how to enable self-p inging: Router(config)# interface gigabitethernet 4/1 Router(config-if)# ip verify unicast source reachable-via any allow-self-ping ...
Cisco Systems 7600 SERIES - page 21

23-21 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring Unicast Flood Protection This example sho ws how to enable Unicast RPF exis t-only checking mode on Gi gabit Ethernet port 4/ 1: Router(config)# interface gigabitethernet 4/1 Router(config-if)# ip verify uni ...
Cisco Systems 7600 SERIES - page 22

23-22 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring MAC Move Notification When config uring unicast flood pr otection, note the follo wing syntax information: • Use the limit keyw ord to specify the unicast floods on a per source MA C address and per VLAN ...
Cisco Systems 7600 SERIES - page 23

23-23 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring MAC Move Notification This exampl e sho ws ho w to enable the MA C mov e notif ication feature: Router(config)# mac-address-table notification mac-move Router# show mac-address-table notification mac-move MA ...
Cisco Systems 7600 SERIES - page 24

23-24 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring MAC Move Notification ...

Fabricant Cisco Systems Catégorie Network Router

Les documents que nous recevons du fabricant de l'appareilCisco Systems 7600 SERIES peuvent être divisés en plusieurs groupes. Ceux-ci sont, entre autres:
- dessins techniques Cisco Systems
- manuels d’utilisations 7600 SERIES
- fiches produit Cisco Systems
- dépliants
- ou étiquettes-énergie Cisco Systems 7600 SERIES
Tous sont importants, mais les informations les plus importantes du point de vue de l'utilisation de l'appareil se trouvent dans le manuel d’utilisation Cisco Systems 7600 SERIES.

Un groupe de documents appelé manuels d’utilisation est également divisé en types plus spécifiques, tels que: Manuels d’installation Cisco Systems 7600 SERIES, manuels d’entretien, brefs manuels ou manuels de l’utilisateur Cisco Systems 7600 SERIES. Selon vos besoins, vous devriez chercher le document dont vous avez besoin. Sur notre site, vous pouvez voir le manuel le plus populaire d’utilisation du produit Cisco Systems 7600 SERIES.

Manuels d’utilsiation similaires

Manuel d’utilisation complet de l’appareil Cisco Systems 7600 SERIES, quelle devrait-elle être?
Le manuel d’utilisation, également appelé le mode d’emploi, ou tout simplement le manuel, est un document technique destiné à aider à utiliser Cisco Systems 7600 SERIES par les utilisateurs. Des manuels sont généralement écrits par un rédacteur technique, mais dans un langage accessible à tous les utilisateurs Cisco Systems 7600 SERIES.

Le manuel d’utilisation complet Cisco Systems, devrait inclure plusieurs éléments de base. Certains d'entre eux sont moins importants, tels que: la couverture / page de titre ou pages d'auteur. Cependant, la partie restante, devrait nous fournir des informations importantes du point de vue de l'utilisateur.

1. Introduction et des conseils sur la façon d'utiliser le manuel Cisco Systems 7600 SERIES - Au début de chaque manuel, nous devrions trouver des indices sur la façon d'utiliser le document. Il doit contenir des informations sur l'emplacement de la table des matières Cisco Systems 7600 SERIES, FAQ ou des problèmes les plus fréquents - les points qui sont les plus souvent recherchés par les utilisateurs de chaque manuel
2. Table des matières - index de tous les conseils pour lCisco Systems 7600 SERIES qui peuvent être trouvés dans le document courant
3. Conseils sur la façon d'utiliser les fonctions de base de l’appareil Cisco Systems 7600 SERIES - qui devraient nous aider dans les premières étapes lors de l'utilisation Cisco Systems 7600 SERIES
4. Troubleshooting - séquence systématique des activités qui nous aideront à diagnostiquer et ensuite résoudre les principaux problèmes de Cisco Systems 7600 SERIES
5. FAQ - questions fréquemment posées
6. Détails du contact Informations sur l'endroit où chercher le contact avec le fabricant / service Cisco Systems 7600 SERIES dans un pays donné, si le problème ne peut être résolu par nous-mêmes.

Avez-vous une question à propos de Cisco Systems 7600 SERIES?

Utiliser le formulaire ci-dessous

Si vous n’avez pas résolu votre problème avec Cisco Systems 7600 SERIES, avec l'aide du manuel que vous avez trouvé, posez une question en utilisant le formulaire ci-dessous. Si un utilisateur a eu un problème similaire avec Cisco Systems 7600 SERIES il est probable qu’il a envie de partager la façon de le résoudre.

Manuel d’utilisation Cisco Systems 7600 SERIES

Summary

Cisco Systems 7600 SERIES - page 1

Cisco Systems 7600 SERIES - page 2

Cisco Systems 7600 SERIES - page 3

Cisco Systems 7600 SERIES - page 4

Cisco Systems 7600 SERIES - page 5

Cisco Systems 7600 SERIES - page 6

Cisco Systems 7600 SERIES - page 7

Cisco Systems 7600 SERIES - page 8

Cisco Systems 7600 SERIES - page 9

Cisco Systems 7600 SERIES - page 10

Cisco Systems 7600 SERIES - page 11

Cisco Systems 7600 SERIES - page 12

Cisco Systems 7600 SERIES - page 13

Cisco Systems 7600 SERIES - page 14

Cisco Systems 7600 SERIES - page 15

Cisco Systems 7600 SERIES - page 16

Cisco Systems 7600 SERIES - page 17

Cisco Systems 7600 SERIES - page 18

Cisco Systems 7600 SERIES - page 19

Cisco Systems 7600 SERIES - page 20

Cisco Systems 7600 SERIES - page 21

Cisco Systems 7600 SERIES - page 22

Cisco Systems 7600 SERIES - page 23

Cisco Systems 7600 SERIES - page 24

Manuels d’utilsiation similaires

Avez-vous une question à propos de Cisco Systems 7600 SERIES?

Commentaires (0)