Difference between revisions of "Access-list IPv6 Cisco IOS"
From Teknologisk videncenter
m (→Reflexive ACL) |
m |
||
Line 1: | Line 1: | ||
+ | Cisco Access Lists for [[IPv6]] for IPv4 see [[Access-list Cisco IOS]] | ||
=Standard ACL= | =Standard ACL= | ||
<source lang=cli> | <source lang=cli> |
Revision as of 12:51, 5 June 2011
Cisco Access Lists for IPv6 for IPv4 see Access-list Cisco IOS
Standard ACL
ipv6 access-list PERMIT-LOCAL
permit ipv6 2001:16D8:DD85:4::/64 any
deny ipv6 2001:16D8:DD85:4::/64 2001:16D8:DD85:3::/64
!
interface FastEthernet0/1
ipv6 traffic-filter PERMIT-LOCAL out
Extended ACL
ipv6 access-list DMZ
permit tcp any 2001:16D8:DD85:4::/64 eq www
permit tcp any 2001:16D8:DD85:4::/64 eq 443
permit tcp any 2001:16D8:DD85:4::/64 eq smtp
!
interface FastEthernet0/1
ipv6 traffic-filter DMZ in
Reflexive ACL
ipv6 access-list OUTGOING
permit tcp 2001:410:0:2::/64 any reflect REFLECTOUT
permit udp 2001:410:0:2::/64 any reflect REFLECTOUT
deny ipv6 FC00::/7 any
permit icmp any any
deny ipv6 any any log
!
ipv6 access-list INCOMING
permit icmp any any
evaluate REFLECTOUT
deny ipv6 any any log
!
interface FastEthernet0/1
ipv6 traffic-filter INCOMING in
ipv6 traffic-filter OUTGOING out