Cisco Cisco IOS Software Release 12.2(16)B
SSG Port-Bundle Host Key
Prerequisites for SSG Port-Bundle Host Key
2
Cisco IOS Releases 12.2(16)B and 12.3(4)T
•
Configuration Examples for <Phrase Based on Module Title>, page 10
•
Additional References, page 10
•
Command Reference, page 12
Prerequisites for SSG Port-Bundle Host Key
The SSG Port-Bundle Host Key feature requires Cisco Service Selection Dashboard (SSD) Release
3.0(1) or Cisco SESM Release 3.1(1). If you are using an earlier release of SSD, disable the SSG
Port-Bundle Host Key feature using the no ssg port-map global configuration command.
3.0(1) or Cisco SESM Release 3.1(1). If you are using an earlier release of SSD, disable the SSG
Port-Bundle Host Key feature using the no ssg port-map global configuration command.
A default network must be configured and routable from SSG in order for the following commands to
be effective:
be effective:
•
destination access-list
•
destination range (without an IP address specified)
You must enable Cisco Express Forwarding (CEF) on the router before SSG functionality can be
enabled. You can disable CEF at the individual interface level without affecting SSG.
enabled. You can disable CEF at the individual interface level without affecting SSG.
You must enable SSG by using the ssg enable command before you can configure the SSG Port-Bundle
Host Key feature.
Host Key feature.
Restrictions for SSG Port-Bundle Host Key
The SSG Port-Bundle Host Key feature has the following restrictions:
•
The SSG Port-Bundle Host Key feature must be separately enabled at the SESM and at all connected
SSGs.
SSGs.
•
The SSG Port-Bundle Host Key feature can be enabled or the port-bundle length can be changed
only when there are no SSG host objects present.
only when there are no SSG host objects present.
•
All SSG source IP addresses configured with the source ip command must be routable in the
management network where the SESM resides.
management network where the SESM resides.
•
Overlapping subscriber IP addresses are supported only for hosts connected to SSG through routed
point-to-point interfaces.
point-to-point interfaces.
•
Overlapping IP users cannot come in on the same SSG downlink interface.
•
Overlapping IP users cannot be connected to the same service or to different services that are bound
to the same uplink interface.
to the same uplink interface.
•
For each SESM server, all connected SSGs must have the same port-bundle length.
•
RFC 1483 or local bridged or routed clients cannot have overlapping IP addresses, even across
different interfaces.
different interfaces.
Information About SSG Port-Bundle Host Key
To configure the SSG Port-Bundle Host Key feature, you should understand the following concepts:
•
Overview of SSG, page 3
•
Host Key Mechanism, page 3