Jose, One way to begin tunning your environment would be to create class-maps which rely on ACLs to properly categorize the traffic. In the class-map, you may want to specific the conform action to be "transmit" and the exceed action to be transmit as well. This should ensure that the traffic that you are categorizing in CoPP will still transmit even if it exceeds the bandwidth you specified, but will still increment your exceed counter if the bandwidth you specified is not enough. Later all you will have to do is adjust your bandwidth to higher amount until you do not see the exceed counter increment. When using the "show policy-map control-plane-policy" command be aware that the output may be limiited to a small window of time.
ip access-list ex test_ssh permit ip any any eq ssh permit ip any eq ssh any exit
class-map test_ssh match access-group test_ssh
policy-map control-plane-policy !notice the exceed action of "transmit" below class test_ssh police rate 100 10 conform-action transmit exceed-action transmit exit
control plane service-policyinput control-plane-policy end show policy-map control-plane-policy
Hopefully my syntax is correct, I do not have a router in front of me right now.
IntroductionComponentsISE ConfigurationEnd user perspective and Validation
Cisco Identity Services Engine (ISE) gives you intelligent Integrated protection through intent-based policy and compliance solution. ISE supports external MDM ...
This video provides the steps to configure the Cisco Threat Response (CTR) and ESA Integration.
This is live on the portal:https://video.cisco.com/video/6159336218001
And on YouTube:https://www.youtube.com/watch?v=UCKIdx5rdFg
I need to migrate from C170 to C190 and have already match to the same Firmware Version. I have a question. Is there any method that can export and import the configuration file instead of form cluster ?
This AMA will serve as the Q&A for the Cisco Live Digital breakout DGTL-BRKSEC-1011 - "A Challenger Appears: Defending Mailboxes in the Cloud" which covers a brand new product which will be announced during the event: Cloud Mailbox Defense.