cts role-based sgt-map
To manually configure the Cisco TrustSec security group tag (SGT) mapping to IP addresses, use the cts
role-based sgt-map command. To remove an SGT, use the no form of this command.
cts role-based sgt-map ipv4-address sgt-value
no cts role-based sgt-map ipv4-address
Syntax Description
IPv4 address. The format is A.B.C.Dipv4-address
SGT value. The range is 0 to 65533.
sgt-value
Command Default
None
Command Modes
Global configuration VLAN configuration VRF configuration
Command History
ModificationRelease
This command was introduced.4.0(1)
Usage Guidelines
To use this command, you must enable the Cisco TrustSec feature using the feature cts command.
You can use only IPv4 addressing with Cisco TrustSec.
This command requires the Advanced Services license.
Examples
This example shows how to configure mapping for a Cisco TrustSec SGT:
switch# configure terminal
switch(config)# cts role-based sgt-map 10.10.1.1 3
switch(config-rbacl)#
This example shows how to remove a Cisco TrustSec SGT mapping:
switch# configure terminal
switch(config)# no ccts role-based sgt-map 10.10.1.1
Related Commands
DescriptionCommand
Enables the Cisco TrustSec feature.feature cts
Displays the Cisco TrustSec SGT mapping.show cts role-based sgt-map
Cisco Nexus 7000 Series Security Command Reference
145
C Commands
cts role-based sgt-map
To Next Page
Loading...
