Multiple ACL Assignments on an Interface – HP 6200YL User Manual


IPv6 Access Control Lists (ACLs)
Overview

For the Web authentication method, clients must authenticate using
IPv4. However, this does not prevent the client from using a dual
stack, or the port from receiving a RADIUS-assigned ACL configured with
ACEs to filter IPv6 traffic.

The RADIUS server must support IPv4 and have an IPv4 address.
RADIUS clients can be dual stack, IPv6-only, or IPv4-only.

802.1X rules for client access apply to both IPv6 and IPv4 clients for
RADIUS-assigned ACLs. Refer to “802.1X User-Based and Port-Based
Applications” on page 8-16.

Multiple ACL Assignments on an Interface

The switch simultaneously supports IPv6, IPv4, and RADIUS-assigned ACLs
on the same interface (subject to internal resource availability). This means
that traffic on a port belonging to a given VLAN “X” can simultaneously be
subject to all of the ACLs listed in table 8-1.

Table 8-1. Per-Interface Multiple ACL Assignments

ACL Type: ACL Application

RADIUS-Assigned (Dynamic) ACLs:
- One port-based ACL (for first client to authenticate on the port) or up
  to 32 user-based ACLs (one per authenticated client)
  Note: If one or more user-based, RADIUS-assigned ACLs are
  assigned to a port, then the only traffic allowed inbound on the port
  is from authenticated clients.

IPv6 Static ACLs:
- One static VACL for IPv6 traffic for VLAN “X” entering the switch
  through the port
- One static port ACL for IPv6 traffic entering the switch on the port

IPv4 Static ACLs:
- One static VACL for IPv4 traffic for VLAN “X” entering the switch
  through the port
- One static port ACL for any IPv4 traffic entering the switch on the port
- One connection-rate ACL for inbound IPv4 traffic for VLAN “X” on
  the port (if the port is configured for connection-rate filtering)
- One inbound and one outbound RACL filtering routed IPv4 traffic
  moving through the port for VLAN “X”. (Also applies to inbound,
  switched traffic on VLAN “X” that has a destination on the switch
  itself.)
