2013年11月18日星期一

Cisco 3750 L3 Core

And 1 other more important: The L3 WS-C3750V2-24PS-S (4 VLAN's /interfaces - 1 for each floor) - has NO access lists on it AT ALL. - This new wake on lan config requires an access list to limit/the broadcasts to be from the sccm/wol server (i dont want broadcasts accross vlans other than the wol). My concern is does an access-list not have an implicit deny (to all other traffic not listed) ? - do i nedd to add something to the access list? - or is it ok to add this access list as is here? - i presume ok?

below is a the relevant sections of my Cisco 3560's config - the trick is to include in each target vlan's config the ip helper-address command pointing to the WoL sending host - along with the "ip directed-broadcast" used with an access list to allow those ports to be broadcast - but just for your host that's sending.

In the that hosts VLAN you need to put in ip helper-address command with the target VLAN's network broadcast address.

You'll need to do the ip forward-protocol udp <pick your ports>

In the config below VLAN6 is where the WakeOnLan server resides (10.1.250.4)

The additional 10.1.10.3 ip helper-address in each VLAN config were put in previously - it's the DHCP server.

interface Vlan1
ip address 192.168.0.230 255.255.255.0
ip helper-address 10.1.10.3
ip helper-address 10.1.250.4
ip directed-broadcast 101

interface Vlan6
ip address 10.1.250.1 255.255.255.224
ip helper-address 10.1.10.3
ip helper-address 192.168.0.255
ip helper-address 10.1.15.255
ip helper-address 10.1.250.63
ip helper-address 10.106.4.255
ip helper-address 10.101.0.255
ip helper-address 10.101.8.255
ip helper-address 10.101.32.255
ip helper-address 10.101.33.255
ip helper-address 10.102.12.255
ip helper-address 10.106.8.255
ip helper-address 10.101.4.255
!
interface Vlan7
ip address 10.1.250.33 255.255.255.224
ip helper-address 10.1.10.3
ip helper-address 10.1.250.4
ip directed-broadcast 101
!
interface Vlan35
ip address 10.1.15.1 255.255.255.0
ip helper-address 10.1.10.3
ip helper-address 10.1.250.4
ip directed-broadcast 101

ip forward-protocol udp 16962
ip forward-protocol udp 0
ip forward-protocol udp echo
ip forward-protocol udp discard

access-list 101 permit udp host 10.1.250.4 any eq echo
access-list 101 permit udp host 10.1.250.4 any eq 0
access-list 101 permit udp host 10.1.250.4 any eq discard
access-list 101 permit udp host 10.1.250.4 any eq 16962
2013-05-08 at 06:06:00ID28121519TopicsNetwork Routers ,Network Management ,Windows Server 2012Participating Experts2Points500Comments2


For more Cisco WS-C3750X-24P-S information please click here
发帖者 时间:

没有评论:

发表评论

订阅: 博文评论 (Atom)