Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
570
Views
0
Helpful
1
Replies

cts role-based enforcement on layer 2 switch?

Josh Morris
Level 3
Level 3

‎09-29-2016 07:45 AM - edited ‎03-11-2019 12:07 AM

I have been troubleshooting a TCAM exhaustion issue on a 4500 (v3.6.3). The issue resolves itself when I remove 'cts role-based enforcement' from my global config. My question, do I really need that command for a L2 only switch? I still have the command 'cts role-based enforcement vlan-list all' enabled. Do I need both commands or just the vlan-list command? I am trying to do SGTs with SGACL enforcement. Thanks.

Labels:
0 Helpful
1 Reply 1

greyiago85
Level 4
Level 4

‎10-06-2016 08:28 AM

"cts role-based enforcement" is the global command for SGT enforcement, so you need that to handle SGTs.

0 Helpful
Customers Also Viewed These Support Documents