User Manual
IPv6 Access Control Lists (ACLs)
Configuring and Assigning an IPv6 ACL
ACL Configuration Structure
Individual ACEs in an IPv6 ACL include:
■ Optional remark statements
■ A permit/deny statement
■ Source and destination IPv6 addressing
■ Choice of IPv6 criteria
■ Optional ACL log command (for deny entries)
ipv6 access-list < identifier >
[ seq-# ]
[ remark < remark-str ]
< permit | deny >
0 - 255
esp
ah
sctp
icmp
< SA > [operator < value >]
< DA > [operator < value >] [type [code] | icmp-msg ] [dscp < codepoint | precedence >]
ipv6
tcp
< SA > [operator < value >]
< DA > [operator < value >]
[dscp < codepoint | precedence]
[established]
[ack | fin | rst | syn]
udp
< SA > [operator < value >]
< DA > [operator < value >] [dscp < codepoint | precedence ]
[log] (Allowed only with “deny” ACEs.)
. . .
< Implicit Deny Any Any >
exit
Figure 8-7. General Structure Options for an IPv6 ACL
8-36