Security: IPv6 First Hop Security
Configuring IPv6 First Hop Security through Web GUI
Cisco 500 Series Stackable Managed Switch Administration Guide 536
23
- Any—Any configuration methods (stateless and manual) are allowed for
global IPv6 bound from NDP messages
- Stateless—Only stateless auto configuration is allowed for global IPv6
bound from NDP messages.
- Disable—Binding from NDP messages is disabled.
• Binding from DHCPv6 Messages—Binding from DHCPv6 is allowed.
Neighbor Binding Entry Limits—Specify the maximum number of Neighbor
Binding entries per type of interface or address:
• Entries Per VLAN—Specifies the neighbor binding limit per VLAN. Select
either No Limit or enter a User Defined value.
• Entries Per Interface—Specifies the neighbor binding limit per interface.
Select either No Limit or enter a User Defined value.
• Entries Per MAC Address—Specifies the neighbor binding limit per MAC
address. Select either No Limit or enter a User Defined value.
STEP 3 If required, click Add to create a Neighbor Binding policy.
STEP 4 Enter the following fields:
• Policy Name—Enter a user-defined policy name.
• Device Role—Select one of the following options to specify the role of the
device attached to the port for the Neighbor Binding policy.
- Inherited—Role of device is inherited from either the VLAN or system
default (client).
- Perimeter—Port is connected to devices not supporting IPv6 First Hop
Security.
- Internal—Port is connected to devices supporting IPv6 First Hop
Security.
• Neighbor Binding Logging—Select one of the following options to specify
logging:
- Inherited—Logging option is the same as the global value.
- Enable—Enable logging of Binding table main events.
- Disable—Disable logging of Binding table main events.
To Next Page
Loading...
