7-39
Cisco TrustSec Configuration Guide
OL-22192-01
Chapter 7 Cisco TrustSec Command Summary
cts sxp
cts sxp
To configure SXP on a network device, use the cts sxp global configuration command. This command
enables SXP, determines the SXP password, the peer speaker/listener relationship, and the reconciliation
period. It also toggles the binding changes log on or off. Use the no form of the command to disable SXP
configurations.
[no] cts sxp connection peer ip4_address password {default | none} mode {local | peer}
[speaker | listener] [vrf vrf_name]
[no] cts sxp connection peer ip4_address source ip4_address password {default | none} mode
{local | peer} [speaker | listener] [vrf vrf_name]
[no] cts sxp default password {0 unencrypted_pwd | 6 encrypted_key | 7 encrypted_key |
cleartext_pwd }
[no] cts sxp default source-ip ip4_address
[no] cts sxp enable
[no] cts sxp log binding-changes
[no] cts sxp mapping network-map bindings
[no] cts sxp reconciliation period seconds
[no] cts sxp retry period seconds
Syntax Description connection peer ip4_address Specifies the peer SXP address.
password {default | none}
Specifies the password that SXP will use for the peer connection
using the following options:
• default—Use the default SXP password you configured using
the cts sxp default password command.
• none—Do not use a password.
Maximum password length is 32 characters.
mode {local | peer} Specifies the role of the remote peer device:
• local—The specified mode refers to the local device.
• peer—The specified mode refers to the peer device.
network-map bindings 0–65535. Maximum number of Subnet host address to SGT
bindings permitted when expanding subnets for IP–SGT tagging
and export. Enter 0 for no expansion.
speaker | listener speaker—Default. Specifies that the device is the speaker in the
connection.
listener—Specifies that the device is the listener in the connection.
vrf vrf_name (Optional) Specifies the VRF to the peer. Default is the default
VRF.
To Next Page
Loading...
