Chapter 11 Miscellaneous SSG Features
SSG Unconfig
Configuration of Packet Filtering
To configure SSG ACLs, use the following
•Downstream Access Control List (outacl)
•Upstream Access Control List (inacl)
For more information, refer to the Service Selection Gateway, Release 12.2(15)B feature module.
Configuration Example for Packet Filtering
The following is an example of a downstream ACL (outacl):
The following is an example of an upstream ACL (inacl):
SSG Unconfig
The SSG Unconfig feature enhances your ability to disable SSG at any time and releases the data structures and system resources created by SSG when SSG is unconfigured.
SSG Unconfig removes SSG allocated resources when you globally disable SSG after it was enabled. When you enable SSG, the SSG subsystem in the Cisco IOS software acquires system resources that are never released, even after you disable SSG. The SSG Unconfig feature enables you to release and clean up system resources when SSG is not in use by entering the no ssg enable
The SSG Unconfig feature also enhances several IOS commands to allow you to delete all host objects, a range of host objects, or all service objects (connection objects). Enhancements to the show ssg host command allow you to display information about an interface and its IP address when you enable
Cisco 10000 Series Routers Command Quick Reference Guide.
For more information about the SSG Unconfig feature, refer to the SSG Unconfig, Release 12.2(15)B feature module and the Service Selection Gateway, Release 12.2(15)B feature module.
Restrictions for SSG Unconfig
SSG Unconfig clears all SSG resources on the system. Therefore, if you no longer need to run SSG features on the router, instead of using SSG Unconfig enter the no ssg enable
Cisco 10000 Series Router Service Selection Gateway Configuration Guide
|
|
| |
|
|
