Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Policies at Policy Server:
- Policy: IXFilter
- entry IXFilter1 {
- if match all {
- ethernet-destination-address 01:80:c2:00:00:02 ;
- ethernet-type 0x8809 ;
- }
- then {
- permit ;
- }
- }
- entry IXFilter2 {
- if match all {
- ethernet-type 0x0800 ;
- }
- then {
- permit ;
- }
- }
- entry IXFilter3 {
- if match all {
- ethernet-type 0x0806 ;
- }
- then {
- permit ;
- }
- }
- entry IXFilter4 {
- if match all {
- ethernet-type 0x86dd ;
- }
- then {
- permit ;
- }
- }
- entry IXFilter6 {
- if match all {
- ethernet-destination-address 00:00:00:00:00:00 / 00:00:00:00:00:00 ;
- }
- then {
- deny ;
- }
- }
- Number of clients bound to policy: 1
- Client: acl bound once
- Policy: SrvFilter
- entry SrvFilter1 {
- if match all {
- ethernet-destination-address 01:80:c2:00:00:02 ;
- ethernet-type 0x8809 ;
- }
- then {
- permit ;
- }
- }
- entry SrvFilter2 {
- if match all {
- ethernet-type 0x0800 ;
- }
- then {
- permit ;
- }
- }
- entry SrvFilter3 {
- if match all {
- ethernet-type 0x0806 ;
- }
- then {
- permit ;
- }
- }
- entry SrvFilter4 {
- if match all {
- ethernet-type 0x86dd ;
- }
- then {
- permit ;
- }
- }
- entry SrvFilter5 {
- if match all {
- ethernet-destination-address 00:00:00:00:00:00 / 00:00:00:00:00:00 ;
- }
- then {
- deny ;
- }
- }
- Number of clients bound to policy: 1
- Client: acl bound once
- Policy: UpStreamFilter
- entry LACP_permit {
- if match all {
- ethernet-destination-address 01:80:c2:00:00:02 ;
- ethernet-type 0x8809 ;
- }
- then {
- packet-count LACP_permit ;
- permit ;
- }
- }
- entry IPV4_permit {
- if match all {
- ethernet-type 0x0800 ;
- }
- then {
- packet-count IPV4_permit ;
- permit ;
- }
- }
- entry ARP_permit {
- if match all {
- ethernet-type 0x0806 ;
- }
- then {
- packet-count ARP_permit ;
- permit ;
- }
- }
- entry IPV6_permit {
- if match all {
- ethernet-type 0x86dd ;
- }
- then {
- packet-count IPV6_permit ;
- permit ;
- }
- }
- entry STP_deny {
- if match all {
- ethernet-type 0x0802 ;
- }
- then {
- packet-count STP_deny ;
- permit ;
- }
- }
- entry ALL_deny {
- if match all {
- ethernet-destination-address 00:00:00:00:00:00 / 00:00:00:00:00:00 ;
- }
- then {
- packet-count ALL_deny ;
- permit ;
- }
- }
- Number of clients bound to policy: 1
- Client: acl bound once
- Policy: vty-access
- entry AllowTheseSubnets {
- if match any {
- source-address 1.1.1.0/24 ;
- }
- then {
- permit ;
- }
- }
- Number of clients bound to policy: 1
- Client: exsshd bound once
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement