Security: IPv6 First Hop Security
Configuring IPv6 First Hop Security through Web GUI
STEP 4
Cisco 350XG & 550XG Series 10G Stackable Managed Switches
Enter the following fields:
•
Policy Name—Enter a user-defined policy name.
•
Device Role—Select one of the following options to specify the role of the
device attached to the port for the Neighbor Binding policy.
-
Inherited—Role of device is inherited from either the VLAN or system
default (client).
-
Perimeter—Port is connected to devices not supporting IPv6 First Hop
Security.
-
Internal—Port is connected to devices supporting IPv6 First Hop
Security.
•
Neighbor Binding Logging—Select one of the following options to specify
logging:
-
Inherited—Logging option is the same as the global value.
-
Enable—Enable logging of Binding table main events.
-
Disable—Disable logging of Binding table main events.
•
Address Prefix Validation—Select one of the following options to specify
validation of addresses:
-
Inherited—Validation option is the same as the global value.
-
Enable—Enable validation of addresses.
-
Disable—Disable validation of addresses
Global Address Binding Configuration:
•
Inherit Address Binding Settings—Enable to use the global address
binding settings.
•
Binding from NDP Messages—To change the global configuration of
allowed configuration methods of global IPv6 addresses within an IPv6
Neighbor Binding policy, select one of the following options:
-
Any—Any configuration methods (stateless and manual) are allowed for
global IPv6 bound from NDP messages
-
Stateless—Only stateless auto configuration is allowed for global IPv6
bound from NDP messages.
-
Disable—Binding from NDP messages is disabled.
24
527