Monitoring ipv6 access lists, Configuration examples for ipv6 access lists, Where to go next – Cisco ASA 5505 User Manual
Page 423: Feature history for ipv6 access lists
19-7
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 19 Adding an IPv6 Access List
Monitoring IPv6 Access Lists
Monitoring IPv6 Access Lists
To monitor IPv6 access lists, perform one of the following tasks:
Configuration Examples for IPv6 Access Lists
The following example shows how to configure IPv6 access lists:
The following example allows any host using TCP to access the 3001:1::203:A0FF:FED6:162D server:
hostname(config)# ipv6 access-list acl_grp permit tcp any host 3001:1::203:A0FF:FED6:162D
The following example uses eq and a port to deny access to just FTP:
hostname(config)# ipv6 access-list acl_out deny tcp any host 3001:1::203:A0FF:FED6:162D eq
ftp
hostname(config)# access-group acl_out in interface inside
The following example uses lt to permit access to all ports less than port 2025, which permits access to
the well-known ports (1 to 1024):
hostname(config)# ipv6 access-list acl_dmz1 permit tcp any host 3001:1::203:A0FF:FED6:162D
lt 1025
hostname(config)# access-group acl_dmz1 in interface dmz1
Where to Go Next
Apply the access list to an interface. (See the
“Configuring Access Rules” section on page 34-7
information.)
Feature History for IPv6 Access Lists
lists each feature change and the platform release in which it was implemented.
Command
Purpose
show ipv6 access-list
Displays all IPv6 access list information.
Table 19-2
Feature History for IPv6 Access Lists
Feature Name
Releases
Feature Information
IPv6 access lists
7.0(1)
We introduced the following command: ipv6 access-list.