Reference Guide
Network Security 243
IPv6-Based ACEs
To add a rule to an IPv6-based ACL:
1
Click
Switching
>
Network Security
>
IPv6 Based ACE
to display the
IPv6 ACE: Summary
page.
The currently-defined rules for the selected ACL are displayed.
2
To add a rule click
Add ACE
.
3
Select a user-defined ACL for which a rule is being created.
4
Enter the following fields:
–
New Rule Priority
— Enter the ACE priority that determines which
ACE is matched to a packet, based on a first match.
–
Protocol Select from List
— Select to create an ACE, based on a
specific protocol. The following options are available:
•ICMP —
Internet Control Message Protocol (ICMP). The ICMP
allows the gateway or destination host to communicate with the
source host. For example, to report a processing error.
•
TCP
— Transmission Control Protocol (TCP). Enables two hosts
to communicate and exchange data streams. TCP guarantees
packet delivery, and guarantees packets are transmitted and
received in the order the are sent.
•UDP —
User Datagram Protocol (UDP). Communication
protocol that transmits packets but does not guarantee their
delivery.
•IPV6 —
Matches the packet to the IPV6 protocol.
–
Protocol ID To Match
— Enter a protocol.
–
Source Port
— Enter the TCP/UDP source port. Enter either a
Single
,
Range
or select
Any
to include all ports.
–
Destination Port
— Enter the TCP/UDP destination port. Enter
either a
Single
,
Range
or select
Any
to include all ports.
–
TCP Flags
— To use TCP flags, check the
TCP Flag
checkbox and
then check the desired flag(s).