Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 62 Configuring Network Security with ACLs
Configuring Object Group ACLs
Configuring IPv6 OG ACLs
• Guidelines and Restrictions for Configuring IPv6 OG ACLs
• Creating an IPv6 Address Network Object Group
• Creating an IPv6 Service Object Group
• Configuring an IPv6 OG ACL
• Applying an IPv6 OG ACL to an Interface
• Verifying IPv6 OG ACLs
Guidelines and Restrictions for Configuring IPv6 OG ACLs
• IPv6 OG ACLs are supported only on Layer 3 interfaces (such as routed interfaces and VLAN
interfaces).
• Only Cisco IOS ACLs are supported. IPv6 OG ACLs are not supported with any other features. The
reflexive and evaluate keywords are not supported.
• Only named extended Cisco IOS ACLs are supported. Numbered ACLs are not supported. As with
regular ACEs, you can associate the same access policy with one or more interfaces.
• Feature interactions for IPv6 OG ACLs are the same as for Cisco IOS ACLs.
• The maximum number of object group-based ACEs supported in an IPv6 OG ACL is 2048.
Creating an IPv6 Address Network Object Group
To create an IPv6 address network object group, perform this task:
Step 1
Command or Action: configure terminal
Example:
Switch# configure terminal
Purpose: Enters global configuration mode.

Step 2
Command or Action: object-group v6-network object-group-name
Example:
Switch(config)# object-group v6-network myOG
Purpose: Defines the object group name and enters IPv6-address network object-group configuration mode.

Step 3
Command or Action: {ipv6-source-prefix | ipv6-source-prefix | description description-text | exit | group-object | host {host-address | host-name} | no}
Example:
Switch(config-v6network-group)# description example of network object group
Switch(config-v6network-group)# host 2001::1
Purpose: (Optional) Configures a member of the group and specifies a description of the object group.
For the object group, you can configure a network address plus mask or a host (identified by host name or IPv6 address).
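
The following Python sketch is an added example, not part of the Cisco guide: it validates an inventory of IPv6 hosts and prefixes and renders the command sequence from Steps 1 to 3, so that a mistyped prefix is caught before it reaches the switch. The function names are hypothetical, the prefix/length form used for network members is an assumption (the guide only names ipv6-source-prefix), and host names are not handled.

```python
import ipaddress


def member_line(entry):
    """Map one IPv6 host or prefix string to an object-group member line."""
    text = entry.strip()
    if "/" in text:
        # strict=True rejects prefixes with host bits set (e.g. 2001:db8::1/64),
        # a common typo that silently changes what the ACL would match.
        net = ipaddress.IPv6Network(text, strict=True)
        if net.prefixlen == 128:
            return "host " + net.network_address.compressed
        return net.compressed  # assumed prefix/length member syntax
    # IPv6Address raises ValueError for IPv4 or malformed input.
    return "host " + ipaddress.IPv6Address(text).compressed


def render_object_group(name, description, entries):
    """Return the CLI lines for one v6-network object group.

    Raises ValueError on IPv4 input, malformed addresses, or host bits set.
    Members that normalise to the same line are emitted once.
    """
    lines = ["configure terminal", "object-group v6-network " + name]
    if description:
        lines.append("description " + description)
    seen = set()
    for entry in entries:
        line = member_line(entry)
        if line not in seen:
            seen.add(line)
            lines.append(line)
    lines.append("exit")
    return lines


if __name__ == "__main__":
    # Constructed sample inventory; myOG and 2001::1 come from the guide's example.
    sample = ["2001::1", "2001:0:0::1", "2001:DB8:10::/64"]
    for cli in render_object_group("myOG", "example of network object group", sample):
        print(cli)
```
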