8-42
Classifier-Based Software Configuration
Zone Classes
The zone classes you configure will be used later in the zone policies you
create.
To configure a zone class to be used in one or more policies, follow these steps:
1. Enter the class zone command from the global configuration context.
2. Enter the port-list command from the class configuration context to
determine the ports on which policy actions will be performed.
A port may belong to only one zone; if a port is already associated with a
zone, adding the port to another zone removes that port from its exiting
zone and moves it to the new zone.
3. Enter the exit command to exit the class configuration context.
4. To display all the classes configured, including the zone classes, enter the
show class command. To display a specific zone class configuration, enter
the show class zone <zone name> command.
5. To edit a class configuration, re-enter the class configuration context
(class command) and enter new port-list statements as follows:
6. To remove a port from the zone class, enter the no port-list <port >
command.
Example. Figure 8-15 shows an example of several class configurations:
â– Ports A10-A24 belong to the internal zone class.
â– Port A1 belongs to the external zone class.
Context: Global configuration
Syntax: [no] class zone <zone name>
Defines a zone class, where < zone name > is a text string
(64 characters maximum).
After you enter the class zone command, you enter the class
zone configuration context. For transparent mode, you can
then enter the port-list you want to define for this zone.
Context: Class configuration
Syntax: [no] port-list [ethernet] <port>
<port>: Defines the port or ports that are assigned to this
zone class.
To Next Page
Loading...
Need help?
General