×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

IPV6 and IPV4 ACLs

Answered Question
Apr 30th, 2012
User Badges:

                   As we begin  deployment  IPV6 we are going to be in a mixed IPV4/6 environment - we have required access lists  implemented for IPV4 and must applty the same ACL defined for  for IPV6. Is it possible to apply IPV4 and IPV6 access lists concurrently on an interface or is a single access list containing both IPV4 and IPV6 addresses called for?

Correct Answer by stmillet about 5 years 3 months ago

You will need to have concurrent ACLs applied to an interface.


The access lists are address familiy specific in their syntax and features so they cannot be mixed. An indicative example is shown below.


!

interface Ethernet1/1

ip access-group test-v4 in

ipv6 traffic-filter test-v6 in

!

ip access-list extended test-v4

permit ip any host 1.1.1.1

deny   ip any any

!

ipv6 access-list test-v6

permit ipv6 any host 2001:DB8::1

deny ipv6 any any

!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
stmillet Tue, 05/01/2012 - 19:36
User Badges:
  • Cisco Employee,

You will need to have concurrent ACLs applied to an interface.


The access lists are address familiy specific in their syntax and features so they cannot be mixed. An indicative example is shown below.


!

interface Ethernet1/1

ip access-group test-v4 in

ipv6 traffic-filter test-v6 in

!

ip access-list extended test-v4

permit ip any host 1.1.1.1

deny   ip any any

!

ipv6 access-list test-v6

permit ipv6 any host 2001:DB8::1

deny ipv6 any any

!

bryantsteve Wed, 05/02/2012 - 05:20
User Badges:

Thanks that was what I was looking for as I was worried about having two inbound access lists applied to the same interface

Actions

This Discussion

Related Content