Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Is IPv6 ACL needed if not yet using IPv6?

I am concerned about IPv6 traffic infiltrating my network before I'm ready to accept it. Do I need to configure an IPv6 ACL to deny any any IPv6 traffic if I'm only using IPv4? Can you have both an IPv4 and IPv6 ACL configured on the same interface?

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Is IPv6 ACL needed if not yet using IPv6?

Hi Aaron,

Do you even have ipv6 unicast-routing in your configuration? If no, you don't have to concern about IPv6 traffic. You can apply IPv6 ACL on the IPv4 interface, but they are not going to do anything.

Here is a reference on how to do IPv6 ACL

http://www.cisco.com/en/US/partner/docs/ios/ipv6/configuration/guide/ip6-sec_trfltr_fw.html#wp1073622

HTH,

jerry

3 REPLIES
Cisco Employee

Re: Is IPv6 ACL needed if not yet using IPv6?

Hi Aaron,

Do you even have ipv6 unicast-routing in your configuration? If no, you don't have to concern about IPv6 traffic. You can apply IPv6 ACL on the IPv4 interface, but they are not going to do anything.

Here is a reference on how to do IPv6 ACL

http://www.cisco.com/en/US/partner/docs/ios/ipv6/configuration/guide/ip6-sec_trfltr_fw.html#wp1073622

HTH,

jerry

New Member

Re: Is IPv6 ACL needed if not yet using IPv6?

Hi Jerry,

Thanks for the reply. No, I do not have IPv6 unicast-routing enabled so I guess I'm good. I was not sure if any IPv6 commands were hidden thus making IPv6 operational.

Thanks again,

Keith

Cisco Employee

Re: Is IPv6 ACL needed if not yet using IPv6?

Hi Keith,

You are good if you don't have ipv6 unicast-routing enabled. Your router doesn't know how to pass the traffic without that command.

Regards,

jerry

106
Views
0
Helpful
3
Replies