Verifying Ipv6 Acls - Cisco 10000-2P2-2DC Software Configuration Manual

Chapter 24 Configuring IP Version 6
DETAILED STEPS
Command or Action
Step 1
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface type number
Example:
Router(config)# interface ethernet 0
Step 4
ipv6 traffic-filter access-list-name {in | out}
Example:
Router(config-if)# ipv6 traffic-filter outbound
out

Verifying IPv6 ACLs

In the following example, the show ipv6 access-list command is used to verify that IPv6 ACLs are
configured correctly:
Router> show ipv6 access-list
IPv6 access list inbound
IPv6 access list tcptraffic (reflexive) (per-user)
IPv6 access list outbound
For a description of each output display field, see the show ipv6 access-list command in the IPv6 for
Note
Cisco IOS Command Reference document.
OL-2226-23
permit tcp any any eq bgp reflect tcptraffic (8 matches) sequence 10
permit tcp any any eq telnet reflect tcptraffic (15 matches) sequence 20
permit udp any any reflect udptraffic sequence 30
permit tcp host 2001:0DB8:1::32 eq bgp host 2001:0DB8:2::32 eq 11000 timeout 300 (time
left 243) sequence 1
permit tcp host 2001:0DB8:1::32 eq telnet host 2001:0DB8:2::32 eq 11001 timeout 300
(time left 296) sequence 2
evaluate udptraffic
evaluate tcptraffic
Purpose
Enables privileged EXEC mode.
Enter your password if prompted.
•
Enters global configuration mode.
Specifies the interface type and number, and enters interface
configuration mode.
Applies the specified IPv6 access list to the interface
specified in the previous step.
The in keyword filters incoming IPv6 traffic on the
•
specified interface.
The out keyword filters outgoing IPv6 traffic on the
•
specified interface.
Cisco 10000 Series Router Software Configuration Guide
IPv6 Extended ACLs
24-7