Cisco 500 Series Administration Manual page 594

Access Control
IPv6-Based ACLs
STEP 1
STEP 2
STEP 3
STEP 4
Cisco 500 Series Stackable Managed Switch Administration Guide
Click Access Control > IPv6-Based ACE.
This window contains the ACE (rules) for a specified ACL (group of rules).
Select an ACL, and click Go. All currently-defined IP ACEs for the selected ACL are
displayed.
Click Add.
Enter the parameters.
• ACL Name—Displays the name of the ACL to which an ACE is being added.
• Priority—Enter the priority. ACEs with higher priority are processed first.
• Action—Select the action assigned to the packet matching the ACE. The
options are as follows:
- Permit—Forward packets that meet the ACE criteria.
- Deny—Drop packets that meet the ACE criteria.
- Shutdown—Drop packets that meet the ACE criteria, and disable the
port to which the packets were addressed. Ports are reactivated from the
Port Management page.
• Logging—Select to enable logging ACL flows that match the ACL rule.
• Time Range—Select to enable limiting the use of the ACL to a specific time
range.
• Time Range Name—If Time Range is selected, select the time range to be
used. Time ranges are described in the
• Protocol—Select to create an ACE based on a specific protocol. Select Any
(IPv6) to accept all IP protocols. Otherwise select one of the following
protocols:
- TCP—Transmission Control Protocol. Enables two hosts to communicate
and exchange data streams. TCP guarantees packet delivery, and
guarantees that packets are transmitted and received in the order they
were sent.
- UDP—User Datagram Protocol. Transmits packets but does not
guarantee their delivery.
- ICMP—Matches packets to the Internet Control Message Protocol
(ICMP).
Configuring System Time
27
section.
592