Access Control
IPv6-Based ACLs
STEP 1
STEP 2
STEP 3
STEP 4
Cisco 500 Series Stackable Managed Switch Administration Guide
Click Access Control > IPv6-Based ACE.
This window contains the ACE (rules) for a specified ACL (group of rules).
Select an ACL, and click Go. All currently-defined IP ACEs for the selected ACL are
displayed.
Click Add.
Enter the parameters.
•
ACL Name—Displays the name of the ACL to which an ACE is being added.
•
Priority—Enter the priority. ACEs with higher priority are processed first.
•
Action—Select the action assigned to the packet matching the ACE. The
options are as follows:
-
Permit—Forward packets that meet the ACE criteria.
-
Deny—Drop packets that meet the ACE criteria.
-
Shutdown—Drop packets that meet the ACE criteria, and disable the
port to which the packets were addressed. Ports are reactivated from the
Port Management page.
•
Logging—Select to enable logging ACL flows that match the ACL rule.
•
Time Range—Select to enable limiting the use of the ACL to a specific time
range.
•
Time Range Name—If Time Range is selected, select the time range to be
used. Time ranges are described in the
•
Protocol—Select to create an ACE based on a specific protocol. Select Any
(IPv6) to accept all IP protocols. Otherwise select one of the following
protocols:
-
TCP—Transmission Control Protocol. Enables two hosts to communicate
and exchange data streams. TCP guarantees packet delivery, and
guarantees that packets are transmitted and received in the order they
were sent.
-
UDP—User Datagram Protocol. Transmits packets but does not
guarantee their delivery.
-
ICMP—Matches packets to the Internet Control Message Protocol
(ICMP).
Configuring System Time
27
section.
592