EasyManua.ls Logo

Cisco Catalyst 4500 Series - Applying Ipv6 Acls to Layer 2 and 3 Interface

Cisco Catalyst 4500 Series
1610 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
51-17
Software Configuration Guide—Release IOS XE 3.3.0SG and IOS 15.1(1)SG
OL-25340-01
Chapter 51 Configuring Network Security with ACLs
Applying IPv6 ACLs to Layer 2 and 3 Interface
Applying IPv6 ACLs to Layer 2 and 3 Interface
To apply an IPv6 ACL to a Layer 3 interface, perform the following task:
Note IPv6 ACLs are supported on Layer 3 interfaces and on Layer 2 ports using the ipv6 traffic-filter
command.
The following example applies the extended-named IPv6 ACL simple-ipv6-acl to SVI 300 routed ingress
traffic:
Switch# configure terminal
Switch(config)# interface vlan 300
Switch(config-if)# ipv6 traffic-filter simple-ipv6-acl in
Note Output IPv6 ACLs with ACE to match on the ICMP option fail on a switch.
The following conditions may cause a RACL to malfunction (no workaround):
ACLs are applied on the output direction of the interface.
IPv6 ACL contain Ace to match on the ICMP option fields (ICMP Type or ICMP Code).
The following examples of nonfunctioning RACLs:
IPv6 access list a1
permit icmp any any nd-ns sequence 10
deny ipv6 any any sequence 20
IPv6 access list a2
permit icmp 2020::/96 any nd-ns sequence 10
deny ipv6 any any sequence 20
Configuring VLAN Maps
This section includes these topics:
VLAN Map Configuration Guidelines, page 51-18
Creating and Deleting VLAN Maps, page 51-19
Applying a VLAN Map to a VLAN, page 51-21
Using VLAN Maps in Your Network, page 51-22
This section describes how to configure VLAN maps, which is the only way to control filtering within
a VLAN. VLAN maps have no direction. To filter traffic in a specific direction by using a VLAN map,
you need to include an ACL with specific source or destination addresses. If there is a match clause for
Command Purpose
Step 1
Switch# configure terminal
Enters global configuration mode.
Step 2
Switch(config)# interface interface-type
slot/interface
Specifies the interface to be configured.
Note interface-type must be a Layer 3 interface.
Step 3
Switch(config-if)# ipv6 traffic-filter
ipv6-acl {in|out}
Applies the IPv6 ACL to a Layer 3 interface.

Table of Contents

Other manuals for Cisco Catalyst 4500 Series

Preview: Manual
Manual19 pages
Preview: Software Configuration Guide
Software Configuration Guide2086 pages
Preview: Administration Guide
Administration Guide1814 pages
Preview: Command Reference Guide
Command Reference Guide1230 pages
Preview: System Message Guide
System Message Guide150 pages
Preview: Message Guide
Message Guide146 pages
Preview: Quick Reference Guide
Quick Reference Guide59 pages
Preview: Datasheet
Datasheet11 pages
Preview: Installation Guide
Installation Guide194 pages
Preview: Overview
Overview46 pages

Related product manuals