CTS support on cisco L2 switch

Before posting something, READ the changelog, WATCH the videos, howto and provide following:
Your install is: Bare metal, ESXi, what CPU model, RAM, HD, what EVE version you have, output of the uname -a and any other info that might help us faster.

Moderator: mike

Post Reply
Richard70
Posts: 52
Joined: Sun Dec 23, 2018 9:53 am

CTS support on cisco L2 switch

Post by Richard70 » Sat Mar 28, 2020 6:13 pm

Hello,

I know that vios-L2 v20180619 has some cts capabilities (at least the commands are there in the cli) , but I don't manage to get it working.
For now this is a very simple test SW1 (Trunk port1) ----------- (Trunk port1) SW2 , but there is now tag added to frames from SW1 to SW2.
I tested with L3 ports instead of L2, same issue.
Finally I tested CSR1000v(so L3 ports), and the tag is properly added.
so the question: is this viosL2 version does really support cts, or is it just cosmetic ?
Any share experience greatly appreciated.
Thanks

Uldis (UD)
Posts: 5067
Joined: Wed Mar 15, 2017 4:44 pm
Location: London
Contact:

Re: CTS support on cisco L2 switch

Post by Uldis (UD) » Sat Mar 28, 2020 6:37 pm

100% works with this image

i86bi_LinuxL2-AdvEnterpriseK9-M_152_May_2018.bin

Richard70
Posts: 52
Joined: Sun Dec 23, 2018 9:53 am

Re: CTS support on cisco L2 switch

Post by Richard70 » Sat Mar 28, 2020 11:15 pm

Thanks !

Richard70
Posts: 52
Joined: Sun Dec 23, 2018 9:53 am

Re: CTS support on cisco L2 switch

Post by Richard70 » Sun Mar 29, 2020 12:27 pm

Hi,
are you sure that cts inline tagging is working ok on this version ? I believe it is not.
cts is configurable, le switch can exchane cts pac & environment, but for me inline tagging doesn't work on L2 trunks (doesn't work on L3 ports either).
Below the basic config on each trunk port:

interface Ethernet0/0
switchport trunk encapsulation dot1q
switchport mode trunk
cts manual
policy static sgt 2 trusted

Uldis (UD)
Posts: 5067
Joined: Wed Mar 15, 2017 4:44 pm
Location: London
Contact:

Re: CTS support on cisco L2 switch

Post by Uldis (UD) » Sun Mar 29, 2020 4:10 pm

This switch paired with ASA with PAC keys, worked well for me doing Secv5 task on it.
SGT gropus worked proerly on ASA after dot1x host authorization on IOL SW
Probably not all CTS things are supported on this SW...

Richard70
Posts: 52
Joined: Sun Dec 23, 2018 9:53 am

Re: CTS support on cisco L2 switch

Post by Richard70 » Sun Mar 29, 2020 9:58 pm

Are you using sxp between the sw and asa ?

Uldis (UD)
Posts: 5067
Joined: Wed Mar 15, 2017 4:44 pm
Location: London
Contact:

Re: CTS support on cisco L2 switch

Post by Uldis (UD) » Mon Mar 30, 2020 1:42 am

yes CTS SXP peering IOL SW and ASA 9.1.6
all virtual
atached IOL SW cfg with CTS SXP
You do not have the required permissions to view the files attached to this post.

Richard70
Posts: 52
Joined: Sun Dec 23, 2018 9:53 am

Re: CTS support on cisco L2 switch

Post by Richard70 » Mon Mar 30, 2020 10:22 pm

Thank you.

Post Reply