Baseline templates question

Answered Question
Mar 8th, 2010
User Badges:

I am trying to scan complaince check on certain interfaces. I am interesting to check Ethernet and Fast ethernet interface and the interface number is 300,301 and 302. also from MLS switch Vlan 125,126 my question is how I can accomplish to add all requirments on sub mode.

here is what I did for one interface but I don't know how to add 301 and 302, if I use wildcard(*) may going to scan all300 interface I do want only from 300->302.  interface [#.*Ethernet0/0.300-#]  also no idea how to do for vlan . Thanks for any help

Correct Answer by Joe Clarke about 7 years 4 months ago

You will need to create one commandlet per interface to ensure that the right sub-interface has the right access-group applied.

Correct Answer by Joe Clarke about 7 years 4 months ago

You can use:


interface [#.*Ethernet0/0\.30[012]#]


The same thing would work for VLANs:


interface [#Vlan12[56]#]
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
Joe Clarke Mon, 03/08/2010 - 11:37
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

You can use:


interface [#.*Ethernet0/0\.30[012]#]


The same thing would work for VLANs:


interface [#Vlan12[56]#]
raindrop18 Mon, 03/08/2010 - 15:10
User Badges:

Hi Joe, I got some difficulties while to achive my goal, actually each interface has different access list rule, so do I need to create separate template for each interface to scan for compliance?or Can I do one template to check each interface for different value(access_list). my objective is to check these interfaces properly configured on all routers. here is example to show you what's looks like.


interface GigabitEthernet0/0.300

ip address XXXXXXXX

encapsulation dot1Q 200

ip access-group eng_IN in

!

interface GigabitEthernet0/0.301 

encapsulation dot1Q 201

ip address XXXXXXXX ip

access-group market_IN in

!

interface GigabitEthernet0/0.302 

encapsulation dot1Q 202

ip address XXXXXXXXX

ip access-group lab_IN in




once again thank you.

Correct Answer
Joe Clarke Mon, 03/08/2010 - 20:57
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

You will need to create one commandlet per interface to ensure that the right sub-interface has the right access-group applied.

Actions

This Discussion