Mediant MSBRs 14 Document #: LTRT-31828
Security Setup
3.1 Configuration Example
This example configures an IPv6 ACL rule. Configuration is applied at firewall index for line
10, 20, and then 15.
# configure data
(config-data)# ipv6 access-list extended 150
(config-ext6-nacl)# 10 permit ipv6 2000:100:1::0/64
2000:100:2::0/64 log
(config-ext6-nacl)# 20 permit ipv6 2000:102:1::0/64
2000:100:2::0/64 log
(config-ext6-nacl)# 15 permit ipv6 2000:101:1::0/64
2000:100:2::0/64 log
(config-ext6-nacl)# exit
(config-data)# exit
#
You can view the configured ACL using the following command:
(config-data)#
# show data access-lists
Extended IP access list 150
150 10 permit ipv6 2000:100:1::0/64 2000:100:2::0/64 log (0
matches)
150 15 permit ipv6 2000:101:1::0/64 2000:100:2::0/64 log (0
matches)
150 20 permit ipv6 2000:102:1::0/64 2000:100:2::0/64 log (0
matches)
You can add lines to the end of the ACL:
# configure data
(config-data)#
(config-data)# ipv access-list extended 150
(config-ext6-nacl)# 999 deny ip any any
(config-ext6-nacl)# exit
The ACL can be organized using the resequence command:
(config-data)# ipv6 access-list resequence 150 10 10
To Next Page
Loading...
Need help?
General
