Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
403
Views
0
Helpful
3
Replies

Is IPv6 ACL needed if not yet using IPv6?

Go to solution
kduckett
Level 1
Level 1

‎07-14-2009 10:11 AM - edited ‎03-06-2019 06:45 AM

I am concerned about IPv6 traffic infiltrating my network before I'm ready to accept it. Do I need to configure an IPv6 ACL to deny any any IPv6 traffic if I'm only using IPv4? Can you have both an IPv4 and IPv6 ACL configured on the same interface?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jerry Ye
Cisco Employee
Cisco Employee

‎07-14-2009 10:27 AM

Hi Aaron,

Do you even have ipv6 unicast-routing in your configuration? If no, you don't have to concern about IPv6 traffic. You can apply IPv6 ACL on the IPv4 interface, but they are not going to do anything.

Here is a reference on how to do IPv6 ACL

http://www.cisco.com/en/US/partner/docs/ios/ipv6/configuration/guide/ip6-sec_trfltr_fw.html#wp1073622

HTH,

jerry

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Jerry Ye
Cisco Employee
Cisco Employee

‎07-14-2009 10:27 AM

Hi Aaron,

Do you even have ipv6 unicast-routing in your configuration? If no, you don't have to concern about IPv6 traffic. You can apply IPv6 ACL on the IPv4 interface, but they are not going to do anything.

Here is a reference on how to do IPv6 ACL

http://www.cisco.com/en/US/partner/docs/ios/ipv6/configuration/guide/ip6-sec_trfltr_fw.html#wp1073622

HTH,

jerry

0 Helpful

Go to solution
kduckett
Level 1
Level 1
In response to Jerry Ye

‎07-14-2009 10:42 AM

Hi Jerry,

Thanks for the reply. No, I do not have IPv6 unicast-routing enabled so I guess I'm good. I was not sure if any IPv6 commands were hidden thus making IPv6 operational.

Thanks again,

Keith

0 Helpful

Go to solution
Jerry Ye
Cisco Employee
Cisco Employee
In response to kduckett

‎07-14-2009 10:51 AM

Hi Keith,

You are good if you don't have ipv6 unicast-routing enabled. Your router doesn't know how to pass the traffic without that command.

Regards,

jerry

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card