Manuals / Brands / Computer Equipment / Network Card / Cisco Systems / Computer Equipment / Network Card

Cisco Systems SCE 2000 4xGBE Step 7: Configuring Access Control Lists (ACLs)

1 143

Download 143 pages, 1.31 Mb

Chapter 5 Connecting the Management Interfaces and Performing Initial System Configuration

Initial System Configuration

Cisco SCE 2000 4xGBE Installation and Configuration Guide

5-12 OL-7824-04

EXAMPLE:

Following is a sample RDR-formatter configuration dialog, assigning the IP address and TCP port

number.

Would you like to enter the RDR-formatter configuration menu? [no]: y

Enter RDR-formatter destination’s IP address: 10.1.1.230

Enter RDR-formatter destination’s TCP port number: 33000

Step 7: Configuring Access Control Lists (ACLs)

The SCE 2000 can be configured with Access Control Lists (ACLs), which are used to permit or

deny incoming connections on any of the management interfaces.

Note ACL #0 is a pre-defined list that permits access to all IP addresses.

Configuration of access control lists is done in two stages:

Step 1 Create the access control lists.

You may create 99 ACLs with a maximum of 20 entries per list. Each entry consists of an IP

address, and an indication of whether access is permitted or denied to this IP address.

Step 2 Assign the ACLs to the appropriate management interface. (See Step 9: Configuring the

Topology-Dependent Parameters.)

The dialog permits you to skip the creation/editing of the ACLs and go directly to assigning ACLs

to the management interfaces.

Entry Formats

Each ACL may permit/deny access to any IP address, one or more ranges of IP addresses, or one

or more individual IP address. Three entry formats are available to support these options:

• Any IP address — Type the word “any”. Any IP address will be permitted or denied

access.

• Range of IP addresses — Type the beginning IP address in the desired range, then enter

the wildcard bits that define the range.

This wildcard functions like a reverse mask, in that all “1” bits in the wildcard indicate the

corresponding bit in the IP address should be ignored. All other bits must match the

corresponding bit in the specified IP address. Refer to the table below for examples.

Each range of IP addresses can be configured to be permitted or denied access.

• Individual IP address — Type the desired IP address, then enter the wildcard bits 0.0.0.0.

Each individual IP address can be configured to be permitted or denied access.

Contents

Main Cisco SCE 2000 4xGBE Installation and Configuration Guide Page Page Page Page Page Preface Document Revision History Audience Organization The major sections of this guide are as follows: Related Publications Conventions Notes use the following conventions: Cautions use the following conventions: Warnings use the following conventions: Obtaining Documentation World Wide Web Documentation CD-ROM Ordering Documentation Documentation Feedback Obtaining Technical Assistance Cisco.com Technical Assistance Center Contacting TAC by Using the Cisco TAC Website Contacting TAC by Telephone Page Overview The Cisco Service Control Concept Service Control for Broadband Service Providers Cisco Service Control Capabilities The SCE Platform Management and Collection Network Management Subscriber Management Collection Service Configuration Management Page Introduction to the SCE Platform The SCE Platform Front Panel The SCE 2000 Front Panel consists of ports and LEDs as shown in the following figure and tables. Page Back Panel Checking the Shipping Container Contents SCE 2000 Component List SCE 2000 Installation Checklist Page Topology The SCE 2000 Platform Topology Considerations Functionality Number of links Redundancy Link Continuity Bypass Mechanism Maintaining the Network Links vs Maintaining SCE 2000 Platform Functionality Physical Topologies Single SCE 2000 Topologies Single Link: Inline Topology Dual link: Inline Installation Single Link: Receive-only Topology Dual Link: Receive-Only Topology Two Cascaded SCE 2000s For Dual Links Two Cascaded SCE 2000s: Inline Topology Topology-Related Parameters SCE 2000 Configuration Connection Mode Parameter Physically Connected Links Parameter Priority On-Failure Mode Parameter Page Page Installation and Maintenance Preparing to Install the SCE 2000 Platform Tools and Parts Required Site Requirement Guidelines Airflow Site Requirements Installing the SCE 2000 Platform Installation Precautions Installing the SCE 2000 on a Workbench or Tabletop Rack-Mounting a SCE 2000 Platform Attaching the Brackets to the SCE 2000 Attaching the Crossrail Supports to the Rack Mounting the System to the Rack Attaching a Chassis Ground Connection Page Power Supply Overview LEDs Power Supply Specifications Removing and Replacing a Power Supply Unit Powering Down the Power Supply Unit and Disconnecting Input Power Powering Down an AC-Input Power Supply Powering Down a DC-Input Power Supply Unit and Removing the DC-Input Leads Removing the Power Supply Unit Replacing the Power Supply Unit Reconnecting the Power Reconnecting AC-Input Power Supply Unit Reconnecting DC-Input Power Supply Unit Fan Module Overview Removing and Replacing the Fan Module Removing the Fan Module Replacing the Fan Module Replacing the Battery Connecting the Local Console Connecting the Management Interfaces and Performing Initial System Configuration Setting Up the Local Console Initial System Configuration Setup Command Parameters Page Page Step 1: Configuring Initial Settings Step 2: Configuring the Hostname Step 3: Setting the Passwords Step 4: Configuring Time Settings Page Step 5: Configuring the DNS Settings Step 6: Configuring the RDR Formatter Destination Step 7: Configuring Access Control Lists (ACLs) Entry Formats Order of Entries Page Page Step 8: Configuring SNMP Page Step 9: Configuring the Topology-Dependent Parameters Page Page Page Step 10: Completing and Saving the Configuration Page Page Connecting the Management Interface Cabling the Management Port Verifying Management Interface Connectivity Page Page Connecting the line ports to the network Cabling the Line Ports and Completing the Installation Cabling Diagrams Single Link: Inline Topology Single Link: Receive-only Topology Dual Link: Single SCE 2000 Topologies Page Dual Link: Two SCE 2000s Topology 2000 SCE Configuring the GBE Interface Parameters Configuring the Gigabit Ethernet Line Interfaces Connecting the GBE Line Interface Ports Fiber Specifications Cabling the GBE Port Testing Connectivity: Examining Link LEDs and Counters Examining the LEDs Viewing the Counters to Verify that the Network Traffic is Reaching the Device Installing a Cascaded System CLI Commands Topology-Related Parameters for Redundant Topologies Configuring the Connection Mode Link Mode Monitoring the System Loading and Activating a Service Control Application Page Page Basic SCE 2000 Platform Operations Starting the SCE 2000 Platform Checking Conditions Prior to System Startup Starting the System and Observing Initial Conditions Final Tests Verifying Operational Status Viewing the User Log Counters Managing SCE 2000 Configurations Viewing Configuration Page Saving the Configuration Settings Recovering a Previous Configuration Performing Complex Configurations Rebooting and Shutting Down the SCE Platform Rebooting the SCE Platform Shutting Down the SCE Platform Troubleshooting Troubleshooting Overview Troubleshooting T ools There are three tools that will help you to successfully troubleshoot your SCE 2000 installation: CLI Commands for Troubleshooting The User Log The Logging System Copying the User Log Viewing the User Log Clearing the User Log Viewing the User Log Counters Generating a File for Technical Support Check the LEDs SCE 2000 Operational Status Problem Solving Using a Subsystems Approach Identifying Startup Problems Troubleshooting the Power Subsystem Page Troubleshooting the Firmware Package Installation Troubleshooting the Management Subsystem Page Troubleshooting the Link Interface Subsystem Problems in the link interface subsystem could be any of the following: Page Page The External Optical Bypass Module External Optical Bypass Functionality The External Optical Bypass Module Front Panel Installing the External Bypass Module Installing the Module in a Rack Cabling the External Optical Bypass Module Page Page Specifications Page Index A B C D G I L M N T V W