Configuration Examples For Ipv6 Acls - Cisco Catalyst 2960 series Configuration Manual
Consolidated platform configuration guide, ios release 15.2(4)e
Hide thumbs
Also See for Catalyst 2960 series:
- Software configuration manual (980 pages) ,
- Command reference manual (800 pages) ,
- Configuration manual (120 pages)
Table of Contents
Advertisement
Configuration Examples for IPv6 ACLs
Command or Action
Step 3
ipv6 access-list access-list-name
Example:
Device(config)# ipv6 access-list hbh-acl
Step 4
permit protocol {source-ipv6-prefix/prefix-length | any | host
source-ipv6-address | auth} [operator [port-number]]
{destination-ipv6-prefix/prefix-length | any | host destination-ipv6-address |
auth} [operator [port-number]] [dest-option-type [header-number |
header-type]] [dscp value] [flow-label value] [fragments] [hbh] [log]
[log-input] [mobility] [mobility-type [mh-number | mh-type]] [reflect name
[timeout value]] [routing] [routing-type routing-number] [sequence value]
[time-range name]
Example:
Device(config-ipv6-acl)# permit icmp any any dest-option-type
Step 5
deny protocol {source-ipv6-prefix/prefix-length | any | host
source-ipv6-address | auth} [operator [port-number]]
{destination-ipv6-prefix/prefix-length | any | host destination-ipv6-address |
auth} [operator [port-number]] [dest-option-type [header-number |
header-type]] [dscp value] [flow-label value] [fragments] [hbh] [log]
[log-input] [mobility] [mobility-type [mh-number | mh-type]] [routing]
[routing-type routing-number] [sequence value] [time-range name]
[undetermined-transport]
Example:
Device(config-ipv6-acl)# deny icmp any any dest-option-type
Step 6
end
Example:
Device (config-ipv6-acl)# end
Configuration Examples for IPv6 ACLs
Example: Configuring IPv6 ACLs
This example configures the IPv6 access list named CISCO. The first deny entry in the list denies all packets
that have a destination TCP port number greater than 5000. The second deny entry denies packets that have
a source UDP port number less than 5000. The second deny also logs all matches to the console. The first
permit entry in the list permits all ICMP packets. The second permit entry in the list permits all other traffic.
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
1230
Purpose
Defines an IPv6 ACL and enters IPv6
access list configuration mode.
Sets permit conditions for the IPv6
ACL.
Sets deny conditions for the IPv6 ACL.
Returns to privileged EXEC
configuration mode.
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
