Filter
Top Products
130 Summit 200 Series Switch Installation and User Guide
Access Policies
• Export Filter—Use an access profile to determine which RIP routes are advertised into a particular
VLAN, using the following command:
config rip vlan [<name> | all] export-filter [<access_profile> | none]
Examples
In the example shown in Figure 22, a switch is configured with two VLANs, Engsvrs and Backbone. The
RIP protocol is used to communicate with other routers on the network. The administrator wants to
allow all internal access to the VLANs on the switch, but no access to the router that connects to the
Internet. The remote router that connects to the Internet has a local interface connected to the corporate
backbone. The IP address of the local interface connected to the corporate backbone is 10.0.0.10/24.
Figure 22: RIP access policy example
Assuming the backbone VLAN interconnects all the routers in the company (and, therefore, the Internet
router does not have the best routes for other local subnets), the commands to build the access policy
for the switch would be:
create access-profile nointernet ipaddress
config access-profile nointernet mode deny
config access-profile nointernet add 10.0.0.10/32
config rip vlan backbone trusted-gateway nointernet
Internet
Backbone (RIP)
SalesEngsvrs
Switch being
configured
10.0.0.10 / 24
10.0.0.11 / 24
10.1.1.1 / 24 10.2.1.1 / 24
10.0.0.12 / 24
LC2401
1