Cisco IOS: Difference between revisions

From Dave-Wiki
(Created page with "Packet Capture (Catalyst 6506-E) # show monitor # Show run | inc monitor session (config)# no monitor session 1 (config)# monitor session 1 source vlan 1309 (config)# monitor session 1 destination interface Gi2/1/3 ACLs Insert into existing Standard ACL # show access-list 24 (config)# ip access-list standard 24 (config-std-nacl)# 15 permit 10.1.2.0 0.0.0.255 (config-std-nacl)# exit (config)# ip access-list resequence 24 10 10 Insert into existing Extended ACL # sh a...")
 
No edit summary
(One intermediate revision by the same user not shown)
Line 1: Line 1:
Packet Capture (Catalyst 6506-E)
=Packet Capture=
# show monitor
(This example is on a Catalyst 6506-E)


# Show run | inc monitor session
# <code># show monitor</code>
# <code># Show run | inc monitor session</code>
# <code>(config)# no monitor session 1</code>
# <code>(config)# monitor session 1 source vlan 1309</code>
# <code>(config)# monitor session 1 destination interface Gi2/1/3</code>


(config)# no monitor session 1
=ACLs=


(config)# monitor session 1 source vlan 1309
===Insert into existing Standard ACL===


(config)# monitor session 1 destination interface Gi2/1/3
# <code># show access-list 24</code>
# <code>(config)# ip access-list standard 24</code>
# <code>(config-std-nacl)# 15 permit 10.1.2.0 0.0.0.255</code>
# <code>(config-std-nacl)# exit</code>
# <code>(config)# ip access-list resequence 24 10 10</code>


ACLs
===Insert into existing Extended ACL===
Insert into existing Standard ACL
# <code># sh access-lists vlan2-out</code>
# show access-list 24
# <code>(config)# ip access-list extended vlan2-out</code>
(config)# ip access-list standard 24
# <code>(config-ext-nacl)# 1421 permit tcp object-group VPN.CLIENTS host 10.1.49.23 eq 3389</code>
(config-std-nacl)# 15 permit 10.1.2.0 0.0.0.255
# <code>(config)# ip access-list resequence vlan2-out 10 10</code>
(config-std-nacl)# exit
 
(config)# ip access-list resequence 24 10 10
=VPN=
Insert into existing Extended ACL
 
# sh access-lists vlan2-out
==Some Useful Links==
(config)# ip access-list extended vlan2-out
(config-ext-nacl)# 1421 permit tcp object-group VPN.CLIENTS host 10.1.49.23 eq 3389
(config)# ip access-list resequence vlan2-out 10 10
VPN
Some Useful Links


[https://www.cisco.com/c/en/us/support/docs/routers/1700-series-modular-access-routers/71462-rtr-l2l-ipsec-split.html LAN-to-LAN IPsec Tunnel Between Two Routers Configuration Example]
[https://www.cisco.com/c/en/us/support/docs/routers/1700-series-modular-access-routers/71462-rtr-l2l-ipsec-split.html LAN-to-LAN IPsec Tunnel Between Two Routers Configuration Example]

Revision as of 02:56, 12 February 2024

Packet Capture

(This example is on a Catalyst 6506-E)

  1. # show monitor
  2. # Show run | inc monitor session
  3. (config)# no monitor session 1
  4. (config)# monitor session 1 source vlan 1309
  5. (config)# monitor session 1 destination interface Gi2/1/3

ACLs

Insert into existing Standard ACL

  1. # show access-list 24
  2. (config)# ip access-list standard 24
  3. (config-std-nacl)# 15 permit 10.1.2.0 0.0.0.255
  4. (config-std-nacl)# exit
  5. (config)# ip access-list resequence 24 10 10

Insert into existing Extended ACL

  1. # sh access-lists vlan2-out
  2. (config)# ip access-list extended vlan2-out
  3. (config-ext-nacl)# 1421 permit tcp object-group VPN.CLIENTS host 10.1.49.23 eq 3389
  4. (config)# ip access-list resequence vlan2-out 10 10

VPN

Some Useful Links

LAN-to-LAN IPsec Tunnel Between Two Routers Configuration Example

Cisco IOS VPN Configuration Guide

Site-to-Site IKEv2 Tunnel between ASA and Router Configuration Examples

Retrieved from "https://davehome.net/wiki/index.php?title=Cisco_IOS&oldid=113"