62-46
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 62 Configuring Network Security with ACLs
Configuring Object Group ACLs
Configuring IPv6 OG ACLs
•
Guidelines and Restrictions for Configuring IPv6 OG ACLs, page 62-46
•
Creating a IPv6 Address Network Object Group, page 62-46
•
Creating an IPv6 Service Object Group, page 62-47
•
Configuring an IPv6 OG ACL, page 62-48
•
Applying an IPv6 OG ACL to an Interface, page 62-48
•
Verifying IPv6 OG ACLs, page 62-49
Guidelines and Restrictions for Configuring IPv6 OG ACLs
•
IPv6 OG ACLs are supported only on Layer 3 interfaces (such as routed interfaces and VLAN
interfaces).
•
Only Cisco IOS ACLs are supported. It is not supported with any other features. The
reflexive
and
evaluate
keywords are not supported.
•
Only named extended Cisco IOS ACLs are supported. Numbered ACLs are not supported. As with
regular ACEs, you can associate the same access policy with one or more interfaces.
•
Feature interactions for IPv6 OG ACLs are the same as for Cisco IOS ACLs.
•
The maximum number of object group-based ACEs supported in an IPv6 OG ACL is 2048.
Creating a IPv6 Address Network Object Group
To create an IPv6 address network object group, perform this task:
Command or Action
Purpose
Step 1
configure terminal
Example:
Switch#
configure terminal
Enters global configuration mode.
Step 2
object-group v6-network
object-group-name
Example:
Switch(config)#
object-group v6-network myOG
Defines the object group name and enters IPv6-address
network object-group configuration mode.
Step 3
{
ipv6-source-prefix | ipv6-source-prefix|
description
descripton-text |
exit
|
group-object
|
host
{
host-address
|
host-name
} |
no
Example:
Switch(config-service-group)#
description
example of network object group
Switch(config-v6network-group)#
host 2001::1
(Optional) Configures a member of the group and specifies
a description of the object group.
For the object group, you can configure a network address
plus mask or a host (identified by host name or IPv6
address).
Содержание Catalyst 4500 Series
Страница 2: ......
Страница 4: ......
Страница 2086: ...Index IN 46 Software Configuration Guide Release IOS XE 3 9 0E and IOS 15 2 5 E ...