CHAPTER 13 | Security Measures
Access Control Lists
– 333 –
CONFIGURING AN EXTENDED IPV6 ACL
Use the Security > ACL (Configure ACL - Add Rule - IPv6 Extended) page
to configure an Extended IPv6 ACL.
CLI REFERENCES
◆ "permit, deny, redirect-to (Extended IPv6 ACL)" on page 733
◆ "show ipv6 access-list" on page 735
◆ "Time Range" on page 583
PARAMETERS
These parameters are displayed in the web interface:
◆ Type – Selects the type of ACLs to show in the Name list.
◆ Name – Shows the names of ACLs matching the selected type.
◆ Action – An ACL can contain any combination of rules which permit or
deny a packet, or re-direct a packet to another port.
◆ Interface – The unit and port to which a packet is redirected.
(This switch does not support stacking, so the unit is fixed at 1.)
◆ Source/Destination Address Type – Specifies the source or
destination IP address. Use “Any” to include all possible addresses,
“Host” to specify a specific host address in the Address field, or
“IPv6-Prefix” to specify a range of addresses. (Options: Any, Host,
IPv6-Prefix; Default: Any)
◆ Source/Destination IPv6 Address – An IPv6 address or network
class. The address must be formatted according to RFC 2373 “IPv6
Addressing Architecture,” using 8 colon-separated 16-bit hexadecimal
values. One double colon may be used in the address to indicate the
appropriate number of zeros required to fill the undefined fields. (The
switch only checks the first 64 bits of the destination address.)
◆ Source/Destination Prefix-Length – A decimal value indicating how
many contiguous bits (from the left) of the address comprise the prefix;
i.e., the network portion of the address. (Range: 0-128 bits for the
source prefix, 0-8 bits for the destination prefix)
◆ DSCP – DSCP traffic class. (Range: 0-63)
◆ Next Header – Identifies the type of header immediately following the
IPv6 header. (Range: 0-255)
Optional internet-layer information is encoded in separate headers that
may be placed between the IPv6 header and the upper-layer header in
a packet. There are a small number of such extension headers, each
identified by a distinct Next Header value. IPv6 supports the values
defined for the IPv4 Protocol field in RFC 1700, and includes these
commonly used headers:
■ 0: Hop-by-Hop Options (RFC 2460)
■ 6: TCP Upper-layer Header (RFC 1700)
■ 17: UDP Upper-layer Header (RFC 1700)
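The following Python sketch is an added example, not code from the switch or its vendor. It checks a rule's fields against the ranges listed above and applies the prefix-length and Next Header comparisons to a packet's header fields. The names `Rule`, `prefix_match` and `matches` are hypothetical, the addresses are constructed samples, and treating an unspecified field as "match anything" is an assumption.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Ranges as stated in the parameter list above.
LIMITS = {"src_len": (0, 128), "dst_len": (0, 8),
          "dscp": (0, 63), "next_header": (0, 255)}

@dataclass
class Rule:
    action: str                        # "permit" or "deny" (redirect not modelled)
    src: str = "::"                    # "Any" is modelled as prefix length 0
    src_len: int = 0
    dst: str = "::"
    dst_len: int = 0
    dscp: Optional[int] = None         # None = field left unspecified (assumption)
    next_header: Optional[int] = None

    def validate(self):
        """Return a list of range violations; an empty list means all fields fit."""
        errors = []
        for name, (lo, hi) in LIMITS.items():
            value = getattr(self, name)
            if value is not None and not lo <= value <= hi:
                errors.append(f"{name}={value} outside {lo}-{hi}")
        return errors

def prefix_match(addr, prefix, length):
    """True if the leftmost `length` contiguous bits of addr and prefix agree."""
    shift = 128 - length
    return (int(ipaddress.IPv6Address(addr)) >> shift
            == int(ipaddress.IPv6Address(prefix)) >> shift)

def matches(rule, src, dst, dscp, next_header):
    """Compare one packet's header fields with one rule.

    next_header is the value in the fixed IPv6 header, i.e. the type of the
    header immediately following it, which may be an extension header.
    """
    return (prefix_match(src, rule.src, rule.src_len)
            and prefix_match(dst, rule.dst, rule.dst_len)
            and rule.dscp in (None, dscp)
            and rule.next_header in (None, next_header))

if __name__ == "__main__":
    # Constructed sample rule and packet fields (documentation prefix 2001:db8::/32).
    tcp_rule = Rule("deny", src="2001:db8:1::", src_len=48, next_header=6)
    print(tcp_rule.validate())
    print(matches(tcp_rule, "2001:db8:1:5::10", "2001:db8:2::1", 0, 6))
    print(matches(tcp_rule, "2001:db8:1:5::10", "2001:db8:2::1", 0, 0))
    print(Rule("deny", dst="2001:db8::", dst_len=64).validate())
```

Because the comparison uses the first Next Header value, a rule written for 6 (TCP) is tested against 0 when a Hop-by-Hop Options header precedes the TCP header, so review rules with that in mind.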