Cisco 3750G - Catalyst Integrated Wireless LAN Controller Configuration Manual page 954
Software configuration guide
Hide thumbs
Also See for 3750G - Catalyst Integrated Wireless LAN Controller:
- Configuration manual (40 pages) ,
- Getting started manual (49 pages)
Table of Contents
Advertisement
Configuring IPv6 ACLs
Command
Step 3b
deny | permit tcp
{source-ipv6-prefix/prefix-length
| any | host source-ipv6-address}
[operator [port-number]]
{destination-ipv6-
prefix/prefix-length | any | host
destination-ipv6-address}
[operator [port-number]] [ack]
[dscp value] [established] [fin]
[log] [log-input] [neq {port |
protocol}] [psh] [range {port |
protocol}] [rst] [sequence value]
[syn] [time-range name] [urg]
Step 3c
deny | permit udp
{source-ipv6-prefix/prefix-length
| any | host source-ipv6-address}
[operator [port-number]]
{destination-ipv6-prefix/prefix-le
ngth | any | host
destination-ipv6-address}
[operator [port-number]] [dscp
value] [log] [log-input] [neq
{port | protocol}] [range {port |
protocol}] [sequence value]
[time-range name]
Step 3d
deny | permit icmp
{source-ipv6-prefix/prefix-length
| any | host source-ipv6-address}
[operator [port-number]]
{destination-ipv6-prefix/prefix-le
ngth | any | host
destination-ipv6-address}
[operator [port-number]]
[icmp-type [icmp-code] |
icmp-message] [dscp value] [log]
[log-input] [sequence value]
[time-range name]
Step 4
end
Step 5
show ipv6 access-list
Step 6
copy running-config
startup-config
Catalyst 3750 Switch Software Configuration Guide
38-6
Purpose
(Optional) Define a TCP access list and the access conditions.
Enter tcp for Transmission Control Protocol. The parameters are the same as
those described in Step 3a, with these additional optional parameters:
ack—Acknowledgment bit set.
•
established—An established connection. A match occurs if the TCP
•
datagram has the ACK or RST bits set.
fin—Finished bit set; no more data from sender.
•
neq {port | protocol}—Matches only packets that are not on a given port
•
number.
psh—Push function bit set.
•
range {port | protocol}—Matches only packets in the port number range.
•
rst—Reset bit set.
•
•
syn—Synchronize bit set.
•
urg—Urgent pointer bit set.
(Optional) Define a UDP access list and the access conditions.
Enter udp for the User Datagram Protocol. The UDP parameters are the same as
those described for TCP, except that the [operator [port]] port number or name
must be a UDP port number or name, and the established parameter is not valid
for UDP.
(Optional) Define an ICMP access list and the access conditions.
Enter icmp for Internet Control Message Protocol. The ICMP parameters are the
same as those described for most IP protocols in Step 3a, with the addition of the
ICMP message type and code parameters. These optional keywords have these
meanings:
icmp-type—Enter to filter by ICMP message type, a number from 0 to 255.
•
icmp-code—Enter to filter ICMP packets that are filtered by the ICMP
•
message code type, a number from 0 to 255.
icmp-message—Enter to filter ICMP packets by the ICMP message type
•
name or the ICMP message type and code name. To see a list of ICMP
message type names and code names, use the ? key or see command
reference for this release.
Return to privileged EXEC mode.
Verify the access list configuration.
(Optional) Save your entries in the configuration file.
Chapter 38
Configuring IPv6 ACLs
OL-8550-02
Advertisement
Chapters
Table of Contents
Troubleshooting
