Manualshelf

User Manual

ManualsBrandsCabletron ManualsCables & InterconnectsCabletron Tpfot-2 10BT Transceiver 1 RJ45 Utp to 1 St MMf
111112113114115116117118119120
Enterasys X-Pedition User Reference Manual 87
Configuring a Port- or Protocol-Based VLAN
Configuring VLANs for Bridging
The XP allows you to create VLANs for AppleTalk, DECnet, SNA, and IPv6 traffic as well as for
IP and IPX traffic. You can create a VLAN for handling traffic for a single protocol, such as a
DECnet VLAN. Or, you can create a VLAN that supports several specific protocols, such as SNA
and IP traffic.
Note: Some commands in this facility require updated XP hardware.
Configuring Layer-2 Filters
Layer-2 security filters on the XP allow you to configure ports to filter specific MAC addresses.
When defining a Layer-2 security filter, you specify to which ports you want the filter to apply.
Refer to the “Security Configuration Chapter” for details on configuring Layer-2 filters. You can
specify the following security filters:
Address filters
These filters block traffic based on the frame's source MAC address, destination MAC address,
or both source and destination MAC addresses in flow bridging mode. Address filters are
always configured and applied to the input port.
Port-to-address lock filters
These filters prohibit a user connected to a locked port or set of ports from using another port.
Static entry filters
These filters allow or force traffic to go to a set of destination ports based on a frame's source
MAC address, destination MAC address, or both source and destination MAC addresses in flow
bridging mode. Static entries are always configured and applied at the input port.
Secure port filters
A secure filter shuts down access to the XP based on MAC addresses. All packets received by
a port are dropped. When combined with static entries, however, these filters can be used to drop
all received traffic but allow some frames to go through.