Home > Cisco > Switch > Cisco Sg3008 Manual

Cisco Sg3008 Manual

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Sg3008 Manual. The Cisco manuals for Switch are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 461

    Page 461 Security: IPV6 First Hop Security Common Tasks Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 423 20 STEP 3If required, either configure a user-defined policy or add rules to the default p olicie s for the feature. STEP 4Attach the policy to a VLAN, port or LAG using either the Policy Attachment (VLAN) or Policy Attachment (Port) pages. Router Advertisement Guard Work Flow STEP 1In the RA Guard Settings page, enter the list of VLANs on which... 
    Security: IPV6 First Hop Security
Common Tasks
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version)  423
20
 
STEP  3If required, either configure a user-defined policy or add rules to the default 
p olicie s for the feature.
STEP  4Attach the policy to a VLAN, port or LAG using either the Policy Attachment 
(VLAN) or Policy Attachment (Port) pages.
Router Advertisement Guard Work Flow
STEP 1In the RA Guard Settings page, enter the list of VLANs on which...

    Page 462

    Page 462 Security: IPV6 First Hop Security Default Settings and Configuration 424 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 20 STEP 3If required, either configure a user-defined policy or add rules to the default p olicie s for the feature. STEP 4Attach the policy to a VLAN, port or LAG using either the Policy Attachment (VLAN) or Policy Attachment (Port) pages. Neighbor Binding Work Flow STEP 1In the Neighbor Bindings Settings page, enter the list of... 
    Security: IPV6 First Hop Security
Default Settings and Configuration
424 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 
20
STEP  3If required, either configure a user-defined policy or add rules to the default 
p olicie s for the feature.
STEP  4Attach the policy to a VLAN, port or LAG using either the Policy Attachment 
(VLAN) or Policy Attachment (Port) pages.
Neighbor Binding Work Flow
STEP 1In the Neighbor Bindings Settings page, enter the list of...

    Page 463

    Page 463 Security: IPV6 First Hop Security Before You Start Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 425 20 Before You Start No preliminary tasks are required. Configuring First Hop Security through Web GUI FHS Common Settings Use the FHS Settings page to enable the FHS Common feature on a specified group of VLANs and to set the global configuration value for logging packet dropping. If required, a policy can be added or the packet drop logging can... 
    Security: IPV6 First Hop Security
Before You Start
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version)  425
20
 
Before You Start
No preliminary tasks are required. 
Configuring First Hop Security through Web GUI
FHS Common Settings
Use the FHS Settings page to enable the FHS Common feature on a specified 
group of VLANs and to set the global configuration value for logging packet 
dropping. If required, a policy can be added or the packet drop logging can...

    Page 464

    Page 464 Security: IPV6 First Hop Security Configuring First Hop Security through Web GUI 426 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 20 RA Guard Settings Use the RA Guard Settings page to enable the RA Guard feature on a specified group of VLANs and to set the global configuration values for this feature. If required, a policy can be added or the system-defined default RA Guard policies can be configured in this page. To configure RA Guard on ports... 
    Security: IPV6 First Hop Security
Configuring First Hop Security through Web GUI
426 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 
20
RA Guard Settings
Use the RA Guard Settings page to enable the RA Guard feature on a specified 
group of VLANs and to set the global configuration values for this feature. If 
required, a policy can be added or the system-defined default RA Guard policies 
can be configured in this page.
To configure RA Guard on ports...

    Page 465

    Page 465 Security: IPV6 First Hop Security Configuring First Hop Security through Web GUI Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 427 20 •Other Configuration Flag—This field specifies verification of the advertised Other Configuration flag within an IPv6 RA Guard policy. -No Verification—Disables verification of the advertised Other Configuration flag. -On—Enables verification of the advertised Managed Other flag. -Off—The value of the flag must be... 
    Security: IPV6 First Hop Security
Configuring First Hop Security through Web GUI
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version)  427
20
 
•Other Configuration Flag—This field specifies verification of the 
advertised Other Configuration flag within an IPv6 RA Guard policy.
-No Verification—Disables verification of the advertised Other 
Configuration flag.
-On—Enables verification of the advertised Managed Other flag.
-Off—The value of the flag must be...

    Page 466

    Page 466 Security: IPV6 First Hop Security Configuring First Hop Security through Web GUI 428 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 20 To create an RA Guard policy or to configure the system-defined default policies, click Add and enter the above parameters. If required, click either Attach Policy to VL AN or Attach Policy to Interface. DHCPv6 Guard Settings Use the DHCPv6 Guard Settings page to enable the DHCPv6 Guard feature on a specified group... 
    Security: IPV6 First Hop Security
Configuring First Hop Security through Web GUI
428 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 
20
To create an RA Guard policy or to configure the system-defined default policies, 
click Add and enter the above parameters.
If required, click either Attach Policy to VL AN or Attach Policy to Interface.
DHCPv6 Guard Settings
Use the DHCPv6 Guard Settings page to enable the DHCPv6 Guard feature on a 
specified group...

    Page 467

    Page 467 Security: IPV6 First Hop Security Configuring First Hop Security through Web GUI Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 429 20 •Device Role—Select either Server or Client to specify the role of the device attached to the port for DHCPv6 Guard. -Inherited—Role of device is inherited from either the VLAN or system default (client). -Client—Role of device is client. -Host—Role of device is host. •Match Reply Prefixes—Select to enable... 
    Security: IPV6 First Hop Security
Configuring First Hop Security through Web GUI
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version)  429
20
 
•Device Role—Select either Server or Client to specify the role of the device 
attached to the port for DHCPv6 Guard.
-Inherited—Role of device is inherited from either the VLAN or system 
default (client).
-Client—Role of device is client.
-Host—Role of device is host.
•Match Reply Prefixes—Select to enable...

    Page 468

    Page 468 Security: IPV6 First Hop Security Configuring First Hop Security through Web GUI 430 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 20 To configure ND Inspection on ports or LAGs: STEP 1Click Security > First Hop Security > ND Inspection Settings. STEP 2Enter the following global configuration fields: •ND Inspection VLAN List—Enter one or more VLANs on which ND Inspection is enabled. •Drop Unsecure—Select to enable dropping messages with no CGA or... 
    Security: IPV6 First Hop Security
Configuring First Hop Security through Web GUI
430 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 
20
To configure ND Inspection on ports or LAGs: 
STEP 1Click Security > First Hop Security > ND Inspection Settings. 
STEP  2Enter the following global configuration fields:
•ND Inspection VLAN List—Enter one or more VLANs on which ND 
Inspection is enabled.
•Drop Unsecure—Select to enable dropping messages with no CGA or...

    Page 469

    Page 469 Security: IPV6 First Hop Security Configuring First Hop Security through Web GUI Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 431 20 STEP 5If required, click either At tach Policy to VL AN or Attach Policy to Interface. Neighbor Binding Settings The Neighbor Binding table is a database table of IPv6 neighbors connected to a device is created from information sources, such as Neighbor Discovery Protocol (NDP) snooping. This database, or binding,... 
    Security: IPV6 First Hop Security
Configuring First Hop Security through Web GUI
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version)  431
20
 
STEP  5If required, click either At tach Policy to VL AN or Attach Policy to Interface.
Neighbor Binding Settings
The Neighbor Binding table is a database table of IPv6 neighbors connected to a 
device is created from information sources, such as Neighbor Discovery Protocol 
(NDP) snooping. This database, or binding,...

    Page 470

    Page 470 Security: IPV6 First Hop Security Configuring First Hop Security through Web GUI 432 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 20 STEP 4Enter the following fields: •Policy Name—Enter a user-defined policy name. •Device Role—Select either Server or Client to specify the role of the device attached to the port for the Neighbor Binding policy. -Inherited—Role of device is inherited from either the VLAN or system default (client). -Client—Role of... 
    Security: IPV6 First Hop Security
Configuring First Hop Security through Web GUI
432 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 
20
STEP  4Enter the following fields:
•Policy Name—Enter a user-defined policy name.
•Device Role—Select either Server or Client to specify the role of the device 
attached to the port for the Neighbor Binding policy.
-Inherited—Role of device is inherited from either the VLAN or system 
default (client).
-Client—Role of...
    Start reading Cisco Sg3008 Manual

    Related Manuals for Cisco Sg3008 Manual

    All Cisco manuals