HP 6200YL User Manual

IPv6 Access Control Lists (ACLs)
Testing and Troubleshooting ACLs

ProCurve(config)# ipv6 access-list NO-TELNET

ProCurve(config-ipv6-acl)# remark "deny fe80::10:3 Telnet traffic."

ProCurve(config-ipv6-acl)# deny tcp host fe80::10:3 any eq telnet log

ProCurve(config-ipv6-acl)# permit ipv6 any any

ProCurve(config-ipv6-acl)# exit

ProCurve(config)# vlan 10 ipv6 access-group NO-TELNET vlan

Assigns the ACL named “NO-TELNET” as
a VACL to filter Telnet traffic from
FE80::10:3 entering the switch on VLAN 10.

ProCurve(config)# logging 10.10.50.173

ProCurve(config)# logging facility syslog

ProCurve(config)# debug destination logging

ProCurve(config)# debug destination session

ProCurve(config)# debug acl

ProCurve(config)# write mem

ProCurve(config)# show debug

Debug Logging

Destination:

Logging -

-

10.10.50.173

Facility = syslog

Severity = debug

System Module = all-pass

Priority Desc =

Session

Enabled debug types:

event

acl log

ProCurve(config)# show access-list NO-TELNET config

ipv6 access-list "NO-TELNET"

10 remark "deny fe80::10:3 TELNET TRAFFIC"

10 deny tcp fe80::10:3/128 ::/0 eq 23 log

20 permit ipv6 ::/0 ::/0

exit

Figure 8-39. Commands for Applying an ACL with Logging to Figure 8-38

8-92