Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
196
Views
0
Helpful
1
Replies

Creating an internal extra hop [clearing house for ACLs] on 6509

johnhaverty
Level 1
Level 1

‎08-09-2003 06:08 AM - edited ‎03-02-2019 09:28 AM

Using CatOS 5.5.19 on SUP1A-2GE, Hybrid IOS 12.1(8b)E15 on WS-F6K-MSFC. [Hybrid]

I have a [FlexWAN + POS OC3] and an a few Ethernet ingress ports. Going out of the switch, I have multiple paths out [multiple destination nets of over Ethernet]. What I would like to do is to create an L3 extra hop such that the multiple paths coming to the 6509 have to go through a single interface in the MSFC where I can apply ACLs. After the ACLs are applied, they can leave as the normally would have.

I'm having quite a bit of trouble figuring out what to do in this situation. Basically, I want to make a place to put ACLs in the middle because its annoying to have to do this on each interface [it is elegant to use the 6509 as a clearing house with the application I am using]. Another complication is that the FlexWAN ports don't show up in CatOS as ports available as VLANs.

So the idea in IP is to come in from say, 192.168.9.x/24, WAN1, and 192.168.8.x/24, WAN2, and both of them have to go through a no port VLAN in the middle, 192.168.7.x, then on to whatever it wants, for the sake of argument, 192.168.1.1-> LAN area. The idea is to create this extra hop on 192.168.7.x such that I could put ACLs on "vlan7" in MSFC, everything destined for egress, or in this figure, the right

side, has to go through the middle to get there.

<tt> this section

ACLs on 1 MSFC

inter!face /------LAN1

WAN1---|-*_!*--|/

| *_!* |--------LAN3

WAN2---|-*_!*--|\

! \______LAN2

65!09

</tt>

I'm kind of confused as to what this would be called. I made up the terminology extra hop and clearing house - what is the correct term for this?

Thanks for any insight;

- John

Labels:
0 Helpful
1 Reply 1

lisa.hall
Level 2
Level 2

‎08-14-2003 07:56 AM

You can configure ACLs on the MSFC to accomplish this. Refer to the following document for details.

http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a008007f4d4.html#47441

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents