SHARE
TWEET

extreme

lexore May 21st, 2014 186 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Policies at Policy Server:
  2. Policy: IXFilter
  3. entry IXFilter1 {
  4. if match all {
  5.     ethernet-destination-address 01:80:c2:00:00:02 ;
  6.     ethernet-type 0x8809 ;
  7. }
  8. then {
  9.     permit  ;
  10. }
  11. }
  12. entry IXFilter2 {
  13. if match all {
  14.     ethernet-type 0x0800 ;
  15. }
  16. then {
  17.     permit  ;
  18. }
  19. }
  20. entry IXFilter3 {
  21. if match all {
  22.     ethernet-type 0x0806 ;
  23. }
  24. then {
  25.     permit  ;
  26. }
  27. }
  28. entry IXFilter4 {
  29. if match all {
  30.     ethernet-type 0x86dd ;
  31. }
  32. then {
  33.     permit  ;
  34. }
  35. }
  36. entry IXFilter6 {
  37. if match all {
  38.     ethernet-destination-address 00:00:00:00:00:00 / 00:00:00:00:00:00 ;
  39. }
  40. then {
  41.     deny  ;
  42. }
  43. }
  44. Number of clients bound to policy: 1
  45. Client: acl bound once
  46.  
  47. Policy: SrvFilter
  48. entry SrvFilter1 {
  49. if match all {
  50.     ethernet-destination-address 01:80:c2:00:00:02 ;
  51.     ethernet-type 0x8809 ;
  52. }
  53. then {
  54.     permit  ;
  55. }
  56. }
  57. entry SrvFilter2 {
  58. if match all {
  59.     ethernet-type 0x0800 ;
  60. }
  61. then {
  62.     permit  ;
  63. }
  64. }
  65. entry SrvFilter3 {
  66. if match all {
  67.     ethernet-type 0x0806 ;
  68. }
  69. then {
  70.     permit  ;
  71. }
  72. }
  73. entry SrvFilter4 {
  74. if match all {
  75.     ethernet-type 0x86dd ;
  76. }
  77. then {
  78.     permit  ;
  79. }
  80. }
  81. entry SrvFilter5 {
  82. if match all {
  83.     ethernet-destination-address 00:00:00:00:00:00 / 00:00:00:00:00:00 ;
  84. }
  85. then {
  86.     deny  ;
  87. }
  88. }
  89. Number of clients bound to policy: 1
  90. Client: acl bound once
  91.  
  92. Policy: UpStreamFilter
  93. entry LACP_permit {
  94. if match all {
  95.     ethernet-destination-address 01:80:c2:00:00:02 ;
  96.     ethernet-type 0x8809 ;
  97. }
  98. then {
  99.     packet-count LACP_permit ;
  100.     permit  ;
  101. }
  102. }
  103. entry IPV4_permit {
  104. if match all {
  105.     ethernet-type 0x0800 ;
  106. }
  107. then {
  108.     packet-count IPV4_permit ;
  109.     permit  ;
  110. }
  111. }
  112. entry ARP_permit {
  113. if match all {
  114.     ethernet-type 0x0806 ;
  115. }
  116. then {
  117.     packet-count ARP_permit ;
  118.     permit  ;
  119. }
  120. }
  121. entry IPV6_permit {
  122. if match all {
  123.     ethernet-type 0x86dd ;
  124. }
  125. then {
  126.     packet-count IPV6_permit ;
  127.     permit  ;
  128. }
  129. }
  130. entry STP_deny {
  131. if match all {
  132.     ethernet-type 0x0802 ;
  133. }
  134. then {
  135.     packet-count STP_deny ;
  136.     permit  ;
  137. }
  138. }
  139. entry ALL_deny {
  140. if match all {
  141.     ethernet-destination-address 00:00:00:00:00:00 / 00:00:00:00:00:00 ;
  142. }
  143. then {
  144.     packet-count ALL_deny ;
  145.     permit  ;
  146. }
  147. }
  148. Number of clients bound to policy: 1
  149. Client: acl bound once
  150.  
  151. Policy: vty-access
  152. entry AllowTheseSubnets {
  153. if match any {
  154.     source-address 1.1.1.0/24 ;
  155. }
  156. then {
  157.     permit  ;
  158. }
  159. }
  160. Number of clients bound to policy: 1
  161. Client: exsshd bound once
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Top