Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

DLSW and Security

Does anyone have any tips on how to improve the security on routers running DLSW ? I am running both WAN to LAN and LAN to LAN DLSW and would like a mechanism that would ensure the controller on the end of my LAN or WAN is verified before permiting communications to the FEP .

2 REPLIES
Bronze

Re: DLSW and Security

The only additional security you could implement at a router level would be to restrict the mac addresses that DLSW will pass traffic for using an access list 700 - 799 and the dmac-output-list parameter on the dlsw remote-peer statement.

Since this uses the destination mac address, you would need to code it with the controller mac address in the router on the FEP side of the connection. It would not prevent any controller from sending an initial test frame but traffic will only be returned to specific mac addresses.

New Member

Re: DLSW and Security

You can encrypt the DLSW over IPSEC tunnel. Here is the sample config for that:

http://www.cisco.com/warp/customer/707/dlsw.shtml

104
Views
0
Helpful
2
Replies
CreatePlease to create content