Security: IPv6 First Hop Security
Configuring IPv6 First Hop Security through Web GUI
STEP 3
STEP 4
Cisco 350XG & 550XG Series 10G Stackable Managed Switches
-
User Defined—Verifies that the advertised preference value is greater
than or equal to this value. This value must be less than the Maximal
Preference value.
•
Maximal Preference—This field indicates whether the DHCPv6 Guard
policy will check the maximum advertised preference value of the packet
received. This value must be greater than the Minimal Preference value.
-
No Verification—Disables verification of the lower boundary of the hop
count limit.
-
User Defined—Verifies that the advertised preference value is less than
or equal to this value.
If required, click Add to create a DHCPv6 policy.
Enter the following fields:
•
Policy Name—Enter a user-defined policy name.
•
Device Role—Select either Server or Client to specify the role of the device
attached to the port for DHCPv6 Guard.
-
Inherited—Role of device is inherited from either the VLAN or system
default (client).
-
Client—Role of device is client.
-
Server—Role of device is server.
•
Match Reply Prefixes—Select to enable verification of the advertised
prefixes in received DHCP reply messages within a DHCPv6 Guard policy.
-
Inherited—Value is inherited from either the VLAN or system default (no
verification).
-
No Verification—Advertised prefixes are not verified.
-
Match List— IPv6 prefix list to be matched.
•
Match Server Address—Select to enable verification of the DHCP server's
and relay's IPv6 address in received DHCP reply messages within a
DHCPv6 Guard policy.
-
Inherited—Value is inherited from either the VLAN or system default (no
verification).
-
No Verification—Disables verification of the DHCP server's and relay's
IPv6 address.
24
522