English dropdown-ico

Cisco Systems 7600 SERIES manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

Go to page of

Similar user manuals

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of Cisco Systems 7600 SERIES, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Cisco Systems 7600 SERIES one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of Cisco Systems 7600 SERIES. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of Cisco Systems 7600 SERIES should contain:
- informations concerning technical data of Cisco Systems 7600 SERIES
- name of the manufacturer and a year of construction of the Cisco Systems 7600 SERIES item
- rules of operation, control and maintenance of the Cisco Systems 7600 SERIES item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Cisco Systems 7600 SERIES alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Cisco Systems 7600 SERIES, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Cisco Systems service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Cisco Systems 7600 SERIES.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the Cisco Systems 7600 SERIES item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    CH A P T E R 23-1 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 23 Configuring Network Security This chapter contains n etwork security information unique to the Cisco 7600 series r outers, which supplements the network security information and procedures in these publications: • Cisco IOS Security Conf igur [...]

  • Page 2

    23-2 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Hardware and Software ACL Support Wi t h t h e ip unr eachable s command en abled (which i s the default), a Sup ervisor Engine 2 drops most of the denied packets in hardware and sends only a small number of pack ets to[...]

  • Page 3

    23-3 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Guidelines and Restrictio ns for Using Layer 4 Operators in ACLs • Flo ws that require logging are processed in software witho ut impacting nonlog ged flo w processing in hardware. • The forwarding rate for softw are[...]

  • Page 4

    23-4 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring the Cisco IOS Firewall Feature Set Determining Logical Operation Unit Usage Logical operation units (LOUs) are registers that st ore operator-operand cou ples. All A CLs use LOUs. There can be up to 32 LOUs;[...]

  • Page 5

    23-5 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring the Cisco IO S Firewall Feature Se t • Fire wall Configuration Gui delines and Restrictions, page 23-6 • Config uring CB A C on Cisco 7600 Seri es Routers, page 23-6 Cisco IOS Firewall Feature Set Support[...]

  • Page 6

    23-6 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring the Cisco IOS Firewall Feature Set Note Cisco 7600 series router s support the Intrusi on Detection System Module (ID SM) (WS-X6381-IDS). Cisco 7600 serie s routers do no t support the C isco IOS fire wall I[...]

  • Page 7

    23-7 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring MAC Address-Based Tra ffic Blocking Router(config-if)# exit Router(config)# interface vlan 200 Router(config-if)# ip access-group deny_ftp_c in Router(config-if)# ip access-group deny_ftp_d out Router(config-[...]

  • Page 8

    23-8 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring VLAN ACLs This exampl e sho ws ho w to block all traf fic to or from MA C address 0050.3e8d.6400 in VLAN 12: Router# configure terminal Router(config)# mac-address-table static 0050.3e8d.6400 vlan 12 drop Co[...]

  • Page 9

    23-9 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring VLAN ACLs is first checked against the output ACL applied to the routed interface and, if permitt ed, the VACL configured for the destinat ion VLAN is applied. If a V A CL is configured for a pack et type and[...]

  • Page 10

    23-10 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring VLAN ACLs Routed Packets Figure 23-2 sh ow s ho w A CLs are applied on routed and Layer 3-switched pack ets. For routed or Layer 3-switched packets, the ACLs are applied in the follo wing order: 1. V A CL f[...]

  • Page 11

    23-11 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring VLAN ACLs Multicast Packets Figure 23-3 sho ws how A CLs are applied on packets that need multicast e xpansion. F or packets that need multicast e xpansion, the AC Ls are applied in the follo wing order: 1. [...]

  • Page 12

    23-12 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring VLAN ACLs • VLAN Access Map Conf iguration and V e rificat ion Examples, page 23- 15 • Config uring a Capture Port, page 23-16 VACL Configuration Overview V A CLs use standard and ext ended Cisco IOS IP[...]

  • Page 13

    23-13 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring VLAN ACLs When defini ng a VLAN access map, note the follo wing syntax information: • T o insert or modify an entry , specify the map sequence number . • If you do not sp ecify the map sequence num be r [...]

  • Page 14

    23-14 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring VLAN ACLs Configuring an Action Clause in a VLAN Access Map Sequence T o configure an action clause in a VLAN access map sequence, perform this task: When configuring an action clause in a VLAN access map s[...]

  • Page 15

    23-15 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring VLAN ACLs When applying a VLAN access map, note the follow ing syntax informati o n: • Y ou can apply the VLAN access map to on e or more VLANs or W AN interfaces. • The vlan_list parameter can be a sing[...]

  • Page 16

    23-16 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring VLAN ACLs This exampl e sho ws how to def ine and apply a VLAN ac cess map to forward IP packets. In this e xample, IP traf fic matching net_10 is for warded and al l ot her IP packets are dropped due to th[...]

  • Page 17

    23-17 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring VLAN ACLs When config uring a capture port, note th e follo wing syntax information: • W ith Release 12.1(13)E and later releases, you can co nfigure an y port as a capture port. W ith earlier releases, on[...]

  • Page 18

    23-18 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring TCP Interc ept These restrictions apply to V A CL logging: • Supported only with Su pervisor Engine 2. • Because of the rate-limiting func tion for redirected packets, V A CL logging counters may not be[...]

  • Page 19

    23-19 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring Unicast Re verse Path Forwarding Configuring Unicast Reverse Path Forwarding These sections describe conf iguring Cisco IOS Unicast Re verse Path F orwarding (Unicast RPF): • Understanding Unicast RPF S up[...]

  • Page 20

    23-20 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring Unicast Re verse Path Forwarding This e xample sho ws how to enable self-p inging: Router(config)# interface gigabitethernet 4/1 Router(config-if)# ip verify unicast source reachable-via any allow-self-ping[...]

  • Page 21

    23-21 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring Unicast Flood Protection This example sho ws how to enable Unicast RPF exis t-only checking mode on Gi gabit Ethernet port 4/ 1: Router(config)# interface gigabitethernet 4/1 Router(config-if)# ip verify uni[...]

  • Page 22

    23-22 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring MAC Move Notification When config uring unicast flood pr otection, note the follo wing syntax information: • Use the limit keyw ord to specify the unicast floods on a per source MA C address and per VLAN [...]

  • Page 23

    23-23 Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E 78-14064-04 Chapter 23 Con figuring Network Security Configuring MAC Move Notification This exampl e sho ws ho w to enable the MA C mov e notif ication feature: Router(config)# mac-address-table notification mac-move Router# show mac-address-table notification mac-move MA[...]

  • Page 24

    23-24 Cisco 7600 Series Router Cisco IOS Software C onfiguration Guide—12.1E 78-14064-04 Chapter 23 Configur ing Network Security Configuring MAC Move Notification[...]