Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Controlling allowed IP addresses and image differences, C3560G

Reply
Thread Tools

Controlling allowed IP addresses and image differences, C3560G

 
 
Michael T. Davis
Guest
Posts: n/a
 
      03-24-2007
We're planning the purchase of a number of C3560G-24TS-S and ...-48TS-S
switches to upgrade our backbone to GbE capability. Is there a short document
somewhere which covers the differences between the -S and -E offerings (IP Base
[formerly SMI] and IP Services [formerly EMI] images, respectively)? All we
need is support for a few layer-3 access controls to prevent IP addresses that
aren't defined on our LAN from communicating beyond a port. In particular, we
want to block the addresses used for "private" LANs defined in RFC1918, but if
we can just configure things to say "don't let anything through except IPs in
subnet-a and subnet-b," that would be ideal. (BTW, can anyone comment on how
DHCP could be supported in such a case?) Will the -S series be enough?

Thanks,
Mike
--
| Systems Specialist: CBE,MSE
Michael T. Davis (Mike) | Departmental Networking/Computing
http://www.ecr6.ohio-state.edu/~davism/ | The Ohio State University
| 197 Watts, (614) 292-6928
 
Reply With Quote
 
 
 
 
Bod43@hotmail.co.uk
Guest
Posts: n/a
 
      03-25-2007
On 24 Mar, 22:19, (E-Mail Removed)-state.edu (Michael T. Davis) wrote:
> We're planning the purchase of a number of C3560G-24TS-S and ...-48TS-S
> switches to upgrade our backbone to GbE capability. Is there a short document
> somewhere which covers the differences between the -S and -E offerings (IP Base
> [formerly SMI] and IP Services [formerly EMI] images, respectively)? All we
> need is support for a few layer-3 access controls to prevent IP addresses that
> aren't defined on our LAN from communicating beyond a port. In particular, we
> want to block the addresses used for "private" LANs defined in RFC1918, but if
> we can just configure things to say "don't let anything through except IPs in
> subnet-a and subnet-b," that would be ideal. (BTW, can anyone comment on how
> DHCP could be supported in such a case?) Will the -S series be enough?
>
> Thanks,
> Mike


>From memory and with assumptions;

I would be surprised if the standard sw did not meet your
requirements. You need the extended software for BGP
but not for OSPF I seem to recall. For sure ACLs are
in the basic.

www.cisco.co/go/fn
Compare Images

User interface is pretty clunky but there is
no alternative. This is the official list of
features.



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Why defining a constant in a method is not allowed but usingself.class.const_set is allowed? IƱaki Baz Castillo Ruby 13 05-01-2011 06:09 PM
8k routes on a C3560G? T. Cam Cisco 0 05-23-2007 07:11 PM
How to implement a firewall for Windows platform that blocks based on Mac addresses instead of IP addresses cagdas.gerede@gmail.com C Programming 1 12-07-2006 04:30 AM
Physical Addresses VS. Logical Addresses namespace1 C++ 3 11-29-2006 03:07 PM
Controlling MAC Addresses Fatman Superstar Cisco 2 04-18-2004 08:47 AM



Advertisments