System information

Access Control

IPv6-based ACLs

Cisco Small Business 300 Series Managed Switch Administration Guide 242

Defining a Rule (ACE) for an IPv6-based ACL

STEP 1 Click Access Control > IPv6 Based ACE. The IPv6 Based ACE Page opens.

This window displays the ACE (rules) for a specified ACL (group of rules).

STEP 2 Select an ACL, and click Go. All currently-defined IP ACEs for the selected ACL are

displayed.

STEP 3 Click Add. The Add IPv6 Based ACE Page opens.

STEP 4 Enter the parameters.

• ACL Name—Displays the name of the ACL to which an ACE is being added.

• Priority—Enter the priority. ACEs with higher priority are processed first.

• Action—Select the action assigned to the packet matching the ACE. The

options are as follows:

- Permit—Forward packets that meet the ACE criteria.

- Deny—Drop packets that meet the ACE criteria.

- Shutdown—Drop packets that meet the ACE criteria, and disable the

port to which the packets were addressed. Ports are reactivated from the

Port Management page.

• Protocol—Select to create an ACE based on a specific protocol. Select Any

(IPv6) to accept all IP protocols. Otherwise select one of the following

protocols:

- TCP—Transmission Control Protocol. Enables two hosts to communicate

and exchange data streams. TCP guarantees packet delivery, and

guarantees that packets are transmitted and received in the order they

were sent.

- UDP—User Datagram Protocol. Transmits packets but does not

guarantee their delivery.

- ICMP—Matches packets to the Internet Control Message Protocol

(ICMP).

• Protocol ID to Match—Enter the ID of the protocol to be matched.

• Source IP Address—Select Any if all source address are acceptable or

User defined to enter a source address or range of source addresses.