Manualshelf

Specifications

ManualsBrandsCisco ManualsDocking StationAccess Registrar 3.5
251252253254255256257258259260
2-200
Catalyst 4500 Series Switch Cisco IOS Command Reference—Release IOS XE 3.3.0XO(15.1(1)XO)
OL_28738-01
Chapter 2 Cisco IOS Commands for the Catalyst 4500 Series Switches
epm access control
epm access control
To configure access control, use the epm access control [open | default] command.
epm access control [open | default]
Syntax Description
Defaults If the epm acce ss co ntrol com mand is not configured, the be havior defaults to the epm access control
default command. Nothing is nvgened.
Command Modes Configuration mode
Usage Guidelines W hen you enter the epm access control command, it is nvgen’d.
If no ACLs are downloaded from the ACS server wh en a host is authenticated, the host is restricted by
the port ACLs and do not receive additional permissions. In such a scenario, if you enter the epm access
control open command, a permit ip host any entry is created for the host after authentication. This entry
is created only if no ACLs are downloade d from the ACS.
The epm access cont rol open command is particularly useful in authentication open mode. Traffic from
a host is allowed to pass even before the host is authenticated. This traffic is restricted by the port ACL.
In such a scenario, if no ACLs are downloaded from the ACS, the host will not receive any additional
permissions. Even after authentication, the host is still restricted by the port ACL. If epm access control
open is configured, complete access is granted upon authentication.
If epm access co ntrol d efau lt is configured an d no ACL is downloaded, port ACL is the only ACL on
the port. This is how access contro l functioned prior to Ci sco IOS Release 12.2(54) SG.
Examples The following example shows how to enable ope n access control:
Switch(config)# epm access control open
The following example shows how to en able default access contro l:
Switch(config)# epm access control default
Related Commands
open Specifies open access control.
default Specifies default access control.
Command Description
show ipv6 snoopi ng co unters Displ ays the numb er of pa ckets dropped p er port due to RA
Guard.