Dell POWEREDGE M1000E User Manual
Page 137
2-107
Cisco Catalyst Blade Switch 3130 and 3032 for Dell Command Reference
OL-13271-03
Chapter 2 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands
deny (IPv6 access-list configuration)
Examples
This example configures the IPv6 access list named CISCO and applies the access list to outbound traffic
on a Layer 3 interface. The first deny entry in the list prevents all packets that have a destination TCP
port number greater than 5000 from leaving the interface. The second deny entry in the list prevents all
packets that have a source UDP port number less than 5000 from leaving the interface. The second deny
also logs all matches to the console. The first permit entry in the list permits all ICMP packets to leave
the interface. The second permit entry in the list permits all other traffic to leave the interface. The
second permit entry is necessary because an implicit deny-all condition is at the end of each IPv6 access
list.
Switch(config)# ipv6 access-list CISCO
Switch(config-ipv6-acl)# deny tcp any any gt 5000
Switch config-ipv6-acl)# deny ::/0 lt 5000 ::/0 log
Switch(config-ipv6-acl)# permit icmp any any
Switch(config-ipv6-acl)# permit any any
Switch(config-ipv6-acl)# exit
Switch(config)# interface gigabitethernet1/0/3
Switch(config-if)# no switchport
Switch(config-if)# ipv6 address 2001::/64 eui-64
Switch(config-if)# ipv6 traffic-filter CISCO out
Related Commands
router-solicitation
time-exceeded
unreachable
Command
Description
Defines an IPv6 access list and enters IPv6 access list configuration mode.
Filters incoming or outgoing IPv6 traffic on an interface.
permit (IPv6
access-list
configuration)
Sets permit conditions for an IPv6 access list.
Displays the contents of all current IPv6 access lists.