EasyManua.ls Logo

Enterasys C5G124-24

Enterasys C5G124-24
452 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Configuring ACLs
Fixed Switch Configuration Guide 24-9
Example
The following example puts the switch into ipv6mode, creates an IPv6 ACL, and associates it with
VLAN 200.
C5(su)->router
C5(su)->router>enable
C5(su)->router#show access-lists ipv6mode
ipv6mode disabled
C5(su)->router#configure
Enter configuration commands:
C5(su)->router(Config)#access-list ipv6mode
Changing ipv6mode will result in a system reset.
Do you wish to proceed? (y/n) y
C5(su)->router
C5(su)->router>enable
C5(su)->router#configure
Enter configuration commands:
C5(su)->router(Config)#access-list ipv6 ipv6list1 deny icmpv6 2001:db08:10::1/64
any
C5(su)->router(Config)#access-list ipv6 ipv6list1 permit tcp 2001:db08:20::20/64
eq snmp any assign-queue 5
C5(su)->router(Config)#access-list ipv6 ipv6list1 permit ipv6 2001:FFFF:30::30/64
any
3. After the switch resets, return to global router
configuration mode, create the ACL and define
the rules.
access-list ipv6 name {deny |
permit} protocol {srcipv6-addr/
prefix-length | any} [eq port]
{dstipv6-addr/prefix-length | any}
[eq port] [dscp dscp] [flow-label
label-value] [assign-queue queue-id]
4. Optionally, insert new or replace existing rules. access-list ipv6 name insert |
replace entryno {deny | permit}
protocol srcipv6-addr/prefix-length
[eq port] dstipv6-addr/prefix-length
[eq port] [dscp dscp] [flow-label
label-value] [
assign-queue queue-id]
5. Optionally, move entries within the ACL access-list ipv6 name move
destination source1 [source2]
6. Display the contents of the ACL show access-lists name
7. Apply the ACL:
7a In router interface configuration mode, apply to a
routing VLAN interface
ipv6 access-group acl-name in
[sequence sequence]
7b In global router configuration mode, apply to an
interface
access-list interface acl-name port-
string in [sequence sequence]
8. Optionally, display the ACLs associated with a
VLAN or port.
show access-lists [interface [port-
string]] | [vlan [vlan-id]]
9. Optionally, delete an entire ACL or a single rule
or range of rules.
no access-list ipv6 acl-name
[entryno [entryno]]
Procedure 24-2 Configuring IPv6 ACLs (continued)
Step Task Command(s)

Table of Contents

Other manuals for Enterasys C5G124-24

Preview: Quick Reference
Quick Reference2 pages

Related product manuals