Cisco ACE-4710-K9 Administration Guide - Page 354
class-default, class, match any, insert-before, permit, maps in the policy map, enter
View all Cisco ACE-4710-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 354 highlights
Configuring SNMP Management Traffic Services Chapter 8 Configuring SNMP • class-default-Specifies the class-default class map for the Layer 3 and Layer 4 traffic policy. This class map is a reserved class map created by the ACE. You cannot delete or modify this class. All network traffic that fails to meet the other matching criteria in the named class map belongs to the default traffic class. If none of the specified classifications match, the ACE then matches the action specified under the class class-default command. The class-default class map has an implicit match any statement in it and is used to match any traffic classification. The class-default class map has an implicit match any statement that matches all traffic. For example, to specify an existing class map within the Layer 3 and Layer 4 remote access policy map, enter: host1/Admin(config-pmap-mgmt)# class SNMP-ALLOW_CLASS host1/Admin(config-pmap-mgmt-c)# To use the insert-before command to define the sequential order of two class maps in the policy map, enter: host1/Admin(config-pmap-mgmt)# class L4_SSH_CLASS insert-before L4_REMOTE_ACCESS_CLASS To specify the class-default class map for the Layer 3 and Layer 4 traffic policy, enter: host1/Admin(config-pmap-mgmt)# class class-default host1/Admin(config-pmap-mgmt-c)# To remove a class map from a Layer 3 and Layer 4 policy map, enter: host1/Admin(config-pmap-mgmt)# no class SNMP-ALLOW_CLASS Specifying Layer 3 and Layer 4 Policy Actions To allow the network management traffic listed in the Layer 3 and Layer 4 class map to be received or rejected by the ACE, specify either the permit or deny command in policy map class configuration mode. • Use the permit command in policy map class configuration mode to allow the SNMP management protocols listed in the class map to be received by the ACE. • Use the deny command in policy map class configuration mode to refuse the SNMP management protocols listed in the class map to be received by the ACE. 8-44 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01