Ipv6-based acls – Dell PowerEdge VRTX User Manual

217

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Plasma\User

Guide\Plasma_UGSwitching_NetworkSecurity.fm

D E L L CO N F I D E N T I A L – P R E L I MI N A RY 4/ 1 8 /1 3 - F O R PR O O F O N LY

The following is an example of some of the CLI commands:

IPv6-Based ACLs

The IPv6 Based ACL Page displays and enables the creation of IPv6 ACLs,

which check pure IPv6-based traffic. IPv6 ACLs do not check IPv6-over-IPv4

or ARP packets.

deny protocol {any |source source-

wildcard} {any |destination destination-

wildcard} [dscp number | precedence number]

[time-range time-range-name]

deny icmp {any | source source-wildcard}

{any |destination destination-wildcard}

[any | icmp-type] [any | icmp-code] [dscp

number | precedence number] [time-range

time-range-name]

deny igmp {any | source source-wildcard}

{any | destination destination-wildcard}

[igmp-type] [dscp number | precedence

number] [time-range time-range-name]

deny tcp {any | source source-wildcard}

{any | source-port | port-range} {any |

destination destination-wildcard} {any |

destination-port/port-range} [dscp number

| precedence number] [match-all list-of-

flags] [time-range time-range-name]

deny udp {any | source source-wildcard}

{any | source-port | port-range} {any |

destination destination-wildcard} {any |

destination-port | port-range} [dscp

number | precedence number] [time-range

time-range-name]

Sets deny conditions

for IPv4 access list (in

access list

configuration mode).

console(config)# ip access-list extended server

console(config-ip-al)# permit ip 1.1.1.0 0.0.0.255

1.1.2.0 0.0.0.0

Table 7-5. IP-Based ACE CLI Commands (Continued)

CLI Command

Description