EasyManuals Logo

Cisco ASA 5555-X Configuration Guide

Cisco ASA 5555-X
428 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #106 background imageLoading...
Page #106 background image
6-24
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 6 ASA and Cisco TrustSec
Guidelines for Cisco TrustSec
Configure a Security Group Tag on an Interface
To configure a security group tag on an interface, perform the following steps:
Procedure
Step 1 Specify an interface and enter interface configuration mode.
interface id
Example:
ciscoasa(config)# interface gi0/0
Step 2 Enable Layer 2 SGT Imposition and enter cts manual interface configuration mode.
cts manual
Example:
hostname(config-if)# cts manual
Step 3 Enable propagation of a security group tag on an interface. Propagation is enabled by default.
propagate sgt
Example:
hostname(config-if-cts-manual)# propagate sgt
Step 4 Apply a policy to a manually configured CTS link.
policy static sgt sgt_number [trusted]
Example:
hostname(config-if-cts-manual)# policy static sgt 50 trusted
The static keyword specifies an SGT policy to incoming traffic on the link.
The sgt sgt_number keyword-argument pair specifies the SGT number to apply to incoming traffic from
the peer. Valid values are from 2-65519.
The trusted keyword indicates that ingress traffic on the interface with the SGT specified in the
command should not have its SGT overwritten. Untrusted is the default.
Examples
The following example enables an interface for Layer 2 SGT imposition and defines whether or not the
interface is trusted:
ciscoasa(config)# interface gi0/0
ciscoasa(config-if)# cts manual
ciscoasa(config-if-cts-manual)# propagate sgt
ciscoasa(config-if-cts-manual)# policy static sgt 50 trusted

Table of Contents

Other manuals for Cisco ASA 5555-X

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA 5555-X and is the answer not in the manual?

Cisco ASA 5555-X Specifications

General IconGeneral
Firewall Throughput4 Gbps
Maximum Concurrent Sessions1, 000, 000
Security Contexts50
VPN Throughput1.2 Gbps
RAM8 GB
Storage120 GB SSD
Power SupplyDual, Hot-swappable
Form Factor1RU
Interfaces8 x 1 Gigabit Ethernet

Related product manuals