ipv6 access-list
To define an IPv6 access list and to place the device in IPv6 access list configuration mode, use the ipv6
access-list command in global configuration mode. To remove the access list, use the no form of this command.
ipv6 access-list access-list-name | match-local-traffic | log-update threshold threshold-in-msgs | role-based
list-name
noipv6 access-list access-list-name | client permit-control-packets| log-update threshold | role-based list-name
Syntax Description
Creates a named IPv6 ACL (up to 64 characters in
length) and enters IPv6 ACL configuration mode.
access-list-name - Name of the IPv6 access list.
Names cannot contain a space or quotation mark, or
begin with a numeric.
ipv6 access-list-name
Enables matching for locally-generated traffic.match-local-traffic
Determines how syslog messages are generated after
the initial packet match.
threshold-in-msgs- Number of packets generated.
log-update threshold threshold-in-msgs
Creates a role-based IPv6 ACL.
role-based list-name
Command Default
No IPv6 access list is defined.
Command Modes
Global configuration
Command History
ModificationRelease
This command was reintroduced. This command was not supported
in Cisco IOS XE Denali 16.1.x and Cisco IOS XE Denali 16.2.x
Cisco IOS XE Denali 16.3.1
Usage Guidelines
IPv6 ACLs are defined by using the ipv6 access-listcommand in global configuration mode and their permit
and deny conditions are set by using the deny and permitcommands in IPv6 access list configuration mode.
Configuring the ipv6 access-listcommand places the device in IPv6 access list configuration mode--the device
prompt changes to Device(config-ipv6-acl)#. From IPv6 access list configuration mode, permit and deny
conditions can be set for the defined IPv6 ACL.
Command Reference, Cisco IOS XE Everest 16.5.1a (Catalyst 3650 Switches)
773
ipv6 access-list