Cisco Catalyst X4232 Installation And Configuration Note page 39

addresses within the subnet and forwards all traffic between hosts in the subnet. Use this feature only
on subnets where hosts are intentionally prevented from communicating directly by the configuration
on the switch to which they are connected.
The local proxy ARP feature is disabled by default. Use the ip local-proxy-arp interface configuration
command to enable the local proxy ARP feature on an interface. Use the no ip local-proxy-arp
interface configuration command to disable the feature. ICMP redirects are disabled on interfaces where
the local proxy ARP feature is enabled.
To use the local proxy ARP feature, the IP proxy ARP feature must be enabled. The IP proxy ARP
feature is disabled by default. Refer to the Cisco IOS Release 12.0 Network Protocols Configuration
Guide Part 1, "IP Addressing and Services," "Configuring IP Addressing," "Configure Address
Resolution Methods," at:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/np1_c/1cprt2/1cipadr.htm
RADIUS Server
The RADIUS feature is a distributed client/server system that secures networks against unauthorized
access. In the Cisco implementation, RADIUS clients run on Cisco routers and send authentication
requests to a central RADIUS server that contains all user authentication and network service access
information.
RADIUS is a fully open protocol, distributed in source code format, that can be modified to work with
any security system currently available on the market.
Cisco supports RADIUS under its AAA security paradigm. RADIUS can be used with other AAA
security protocols, such as TACACS+, Kerberos, or local username lookup. RADIUS is supported on
all Cisco platforms. Refer to the Cisco IOS Release 12.0 Security Configuration Guide, "Security
Server Protocols," "Configuring RADIUS," at:
http://cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/secur_c/scprt2/scrad.htm
Overview of the Layer 2 Interfaces
Assuming the Layer 3 Services module resides in slot 2, the port numbering is 2/1 and 2/2 for the
internal Gigabit Ethernet ports, and 2/3 through 2/34 for the external 10/100 ports. Ports 2/3 through
2/34 are directly accessible via the external RJ-45 connectors. Ports 2/1 and 2/2 are internal ports and
have no external interfaces.
Note The 2/1 and 2/2 ports are internal WS-X4232-L3 ports. There are actually four Gigabit
Ethernet ports on the daughter card; two ports are external (G1 and G2) and two are
internal (G3 and G4). You will configure the external ports using Cisco IOS Layer 3
software only and the internal ports using Cisco IOS Layer 3 and the Layer 2 Supervisor.
You must use Cisco IOS to configure G3 and G4 and the supervisor to configure ports 2/1
and 2/2.
Overview of the Layer 3 Gigabit Ethernet Interfaces
To the Catalyst 4000 family switch, the Layer 3 Services module appears to be an external router
connected to the switch through two internal full-duplex Gigabit Ethernet ports.
78-10164-03
Overview of the Catalyst 4003 and 4006 Layer 3 Services Module Interfaces
Installation and Configuration Note for the Catalyst 4000 Layer 3 Services Module
39