configure … 9-65 option … 9-71 traffic … 9-18,9-72

implicit deny

See deny any, implicit. 9-12,9-20

See ACL, wildcard. IPX … 9-26

log function, with mirroring … 9-17See ACL, logging.

9-17,9-18,9-48 described … 9-96 session … 9-17

9-99

mask … 9-11,9-17,9-29,9-47 CIDR … 9-43

defined … 9-11

multiple IP addresses … 9-32 one IP address … 9-31

9-41,9-30,9-31,9-26,9-27,9-17,9-16

name or number assignment … 9-41,9-35,9-12,9-45,9-42,9-41,9-26,9-16,9-12

manage as named … 9-45 rule … 9-42

offline editing … 9-94,9-61,9-62,9-23

permit any forwarding … 9-12,9-26,9-12,9-16,9-35,9-18,9-24,9-4,9-35,9-28,9-14,9-28,9-16,9-18,9-70,9-59,9-4

RACL

operation defined … 9-14

9-6,9-10,9-11,9-15,9-16,9-20 remark … 9-12

remove from an ACE … 9-83

9-73,9-28,9-41,9-67,9-100,9-27 SA, defined … 9-12

security use … 9-5,9-25,9-26,9-13,9-76 use to delete ACE … 9-79,9-77

9-67,9-19,9-34

command summary … 9-6,9-44,9-6,9-44 defined … 9-13,9-35,9-44

example … 9-52

named, configure … 9-47,9-50,9-35 remark … 9-7,9-44,9-7,9-44 sequence number … 9-7,9-44,9-36 use … 9-14,9-45

9-9,9-13,9-15,9-28,9-6,9-30,9-40See command syntax.

Syslog

See ACL, logging.

TCP or UDP port number, IANA … 9-62,9-61,9-62

terms … 9-10

ToS setting … 9-18,9-60,9-70

traffic not filtered … 9-26,9-5,9-24,9-28,9-40,9-45,9-78,9-85,9-88,9-89

user-based 802.1X … 9-16

VACL

operation defined … 9-149-28

wildcard … 9-11,9-31,9-13

ACL, IPv4

monitoring … 9-92

ACL, IPv4 statistics counters, ACE 9-92

ACL, IPv6

hit count

See statistics, ACE. monitoring … 9-92

statistics counters, ACE, IPv4 … 9-92 troubleshooting … 9-92

ACLs

See also RADIUS-assigned ACLs.

address

authorized for port security … 13-5

alerts

generating for monitored events … 10-24

ARP

adding IP-to-MAC binding … 10-19 debugging … 10-22,10-21,10-15 requests … 10-23

trusted ports … 10-17

validation checks on ARP packets, configuring … 10-20

authentication

concurrent Web/MAC … 3-3

DCA-applied parameters to non-authenticated client sessions … 1-19

display all 802.1X, Web, and MAC configurations … 3-13

NIM override … 1-19 RADIUS override … 1-20,6-6

authentication failures 10-23authentication session

client-specific configuration applied with DCA … 1-19

authenticator

backend state … 12-62

Index – 3