Security: IPv6 First Hop Security
Configuring IPv6 First Hop Security through Web GUI
Cisco 500 Series Stackable Managed Switch Administration Guide 528
23
Configuring IPv6 First Hop Security through Web GUI
FHS Common Settings
Use the FHS Settings page to enable the FHS Common feature on a specified
group of VLANs and to set the global configuration value for logging of dropped
packets. If required, a policy can be added or the packet drop logging can be
added to the system-defined default policy.
To configure IPv6 First Hop Security common parameters:
STEP 1 Click Security > IPv6 First Hop Security > FHS Settings.
The currently-defined polices are displayed.
STEP 2 Enter the following global configuration fields:
• FHS VLAN List—Enter one or more VLANs on which IPv6 First Hop
Security is enabled.
• Packet Drop Logging—Select to create a SYSLOG when a packet is
dropped by a First Hop Security policy. This is the global default value if no
policy is defined.
STEP 3 Click Apply to add the settings to the Running Configuration file.
STEP 4 Create a FHS policy if required by clicking Add.
Enter the following fields:
• Policy Name—Enter a user-defined policy name.
• Packet Drop Logging—Select to create a SYSLOG when a packet is
dropped as a result of a First Hop Security feature within this policy.
- Inherit—Use the value from the VLAN or the global configuration.
- Enable—Create a SYSLOG when a packet is dropped as a result of First
Hop Security.
- Disable—Do not create a SYSLOG when a packet is dropped as a result
of First Hop Security.
To attach this policy to an interface:
• Attach Policy to VLAN—Click to jump to Policy Attachment (VLAN) page
where you can attach this policy to a VLAN.
To Next Page
Loading...
