Document ID: 12606
Cisco has announced the end of sales for the Cisco CSS 11000 and CSS 11800 Series Content Service Switch. For more information, refer to the End-of-Sales Announcement.
Contents
Introduction
Prerequisites
Requirements
Components Used
Conventions
Information
Related Information
Introduction
This document discusses why enabling Access Control Lists (ACLs) on the Content Services Switch (CSS) 11000 and 11500 disables all by default.
Prerequisites
Requirements
There are no specific requirements for this document.
Components Used
The information in this document is based on these software and hardware versions:
-
Cisco CSS 11000 and 11500 Series Switches
-
Cisco WebNS Software Release 2.0 and later
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
Conventions
For more information on document conventions, refer to the Cisco Technical Tips Conventions.
Information
When the CSS has ACLs enabled, the box defaults to denying all traffic on all VLANs. In order to allow traffic through the CSS, you must configure an ACL for each VLAN to permit the traffic through the box that you desire. An explicit deny all clause exists at the end of every ACL. VLANs that do not have an ACL applied do not allow any traffic through until you configure an ACL that allows traffic. An example is shown here.
acl 10 clause 10 permit any any destination any apply circuit-(VLAN4)
Related Information
- Configuring Source Groups, ACLs, EQLs, URQLs, NQLs, and DQLs - CSS Basic Configuration Guide 7.20
- Content Networking Software Center (registered customers only)
- Content Networking Devices Hardware Support
- Technical Support - Cisco Systems
| Updated: Jan 31, 2006 | Document ID: 12606 |