Does anybody out there have a seed device configuration for a Cisco 4506 switch? The device in question is a 4506-E with a sup 7L-E. I've followed what I can find in the Trustsec documentation and can get the PAC provisioned but it fails on sending the environment data.
Please make sure that you have configured the PAC according to the following :
• There can be at most one IPv4, one IPv6, and one MAC access list applied to the same Layer 2 interface per direction. • The IPv4 access list filters only IPv4 packets, the IPv6 access list filters only IPv6 packets, and the MAC access list filters only non-IP packets. • The number of ACLs and ACEs that can be configured as part of a PACL are bounded by the hardware resources on the switch. Those hardware resources are shared by various ACL features (for example, RACL, VACL) that are configured on the system. If insufficient hardware resources to program PACL exist in hardware, the actions for input and output PACLs differ: – For input PACLs, some packets are sent to CPU for software forwarding. – For output PACLs, the PACL is disabled on the port. • If insufficient hardware resources exist to program the PACL, the output PACL is not applied to the port, and you receive a warning message. • The input ACL logging option is supported, although logging is not supported for output ACLs. • The access group mode can change the way PACLs interact with other ACLs. To maintain consistent behavior across Cisco platforms, use the default access group mode. • If a PACL is removed when there are active sessions on a port, a hole (permit ip any any) is installed on the port.
For step by step configuration, please go through the following link:
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...