Configuring IPv6 ACLs
DETAILED STEPS

Step 1
Command: configure terminal
Purpose: Enter global configuration mode.

Step 2
Command: ipv6 access-list access-list-name
Purpose: Define an IPv6 access list using a name, and enter IPv6 access-list configuration mode.

Step 3a
Command: {deny | permit} protocol {source-ipv6-prefix/prefix-length | any | host source-ipv6-address} [operator [port-number]] {destination-ipv6-prefix/prefix-length | any | host destination-ipv6-address} [operator [port-number]] [dscp value] [fragments] [log] [log-input] [routing] [sequence value] [time-range name]
Purpose: Deny or permit the packet when the specified conditions are matched. These are the conditions:
- protocol–Name or number of an Internet protocol: ahp, esp, icmp, ipv6, pcp, sctp, tcp, or udp, or an integer in the range 0 to 255 representing an IPv6 protocol number. For additional specific parameters for ICMP, TCP, and UDP, see Steps 3b through 3d.
- source-ipv6-prefix/prefix-length or destination-ipv6-prefix/prefix-length–Source or destination IPv6 network or class of networks for which to set deny or permit conditions, specified in hexadecimal and using 16-bit values between colons. Enter any as an abbreviation for the IPv6 prefix ::/0.
- host source-ipv6-address or destination-ipv6-address–Define the source or destination IPv6 host address for which to set deny or permit conditions, specified in hexadecimal and using 16-bit values between colons.
- (Optional) operator–Operand that compares the source or destination ports of the specified protocol, such as lt (less than), gt (greater than), eq (equal), neq (not equal), and range. If the operator follows the source-ipv6-prefix/prefix-length argument, it must match the source port. If the operator follows the destination-ipv6-prefix/prefix-length argument, it must match the destination port.
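The position rule for operator is easy to get wrong when reviewing a configuration, so the following added example (not part of the original manual) parses a Step 3a entry and reports whether a port condition binds to the source or to the destination. The names parse_entry, PROTOCOLS, OPERATORS and SAMPLES are hypothetical, the sample entries are constructed with the 2001:db8::/32 documentation prefix, and trailing keywords such as log or sequence are returned unparsed.

```python
import ipaddress

PROTOCOLS = {"ahp", "esp", "icmp", "ipv6", "pcp", "sctp", "tcp", "udp"}
OPERATORS = {"lt": 1, "gt": 1, "eq": 1, "neq": 1, "range": 2}  # operator -> port count

def _address(tokens):
    """Consume 'any', 'host <address>' or '<prefix>/<length>'; return a network."""
    word = tokens.pop(0)
    if word == "any":
        return ipaddress.IPv6Network("::/0")  # 'any' abbreviates ::/0
    if word == "host":
        return ipaddress.IPv6Network(tokens.pop(0) + "/128")
    return ipaddress.IPv6Network(word, strict=False)

def _ports(tokens):
    """Consume an optional '<operator> <port> [<port>]'; return it or None."""
    if not tokens or tokens[0] not in OPERATORS:
        return None
    op = tokens.pop(0)
    ports = [int(tokens.pop(0)) for _ in range(OPERATORS[op])]
    if any(not 0 <= p <= 65535 for p in ports):
        raise ValueError(f"port out of range: {ports}")
    return (op, *ports)

def parse_entry(line):
    """Parse one deny/permit entry; raises ValueError on a bad field."""
    tokens = line.split()
    action, protocol = tokens.pop(0), tokens.pop(0)
    if action not in ("deny", "permit"):
        raise ValueError(f"expected deny or permit, got {action!r}")
    if protocol not in PROTOCOLS and not (protocol.isdigit() and int(protocol) <= 255):
        raise ValueError(f"unknown protocol {protocol!r}")
    entry = {"action": action, "protocol": protocol}
    entry["source"] = _address(tokens)
    entry["source_port"] = _ports(tokens)       # operator directly after the source
    entry["destination"] = _address(tokens)
    entry["destination_port"] = _ports(tokens)  # operator directly after the destination
    entry["options"] = tokens                   # dscp, log, sequence, ... left as-is
    return entry

# Constructed sample entries: same tokens, different operator position.
SAMPLES = [
    "permit tcp 2001:db8:1::/48 any eq 443 sequence 10",  # destination port 443
    "permit tcp 2001:db8:1::/48 eq 443 any sequence 20",  # source port 443
]

if __name__ == "__main__":
    for e in map(parse_entry, SAMPLES):
        print(e["source"], e["source_port"], "->", e["destination"], e["destination_port"])
```

The two sample entries differ only in where eq 443 sits: the first matches traffic to port 443, while the second matches traffic that originates from port 443, which is rarely what a filter for a web service intends.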