19-3
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter19 Adding an IPv6 Access List
Default Settings
echo-reply
membership-query
membership-report
membership-reduction
router-renumbering
router-solicitation
router-advertisement
neighbor-solicitation
neighbor-advertisement
neighbor-redirect
If the protocol argument is specified, valid values are icmp, ip, tcp, udp, or an integer in the range
of 1 to 254, representing an IP protocol number.
Default Settings
Table19-1 lists the default settings for IPv6 access list parameters.
Table19-1 Default IPv6 Access List Parameters
Parameters Default
default The default option specifies that a syslog message
106100 is generated for the ACE.
interval secs Specifies the time interval at which to generate a
106100 syslog message; valid values are from 1 to
600 seconds. The default interval is 300 seconds.
This value is also used as the timeout value for
deleting an inactive flow.
level The level option specifies the syslog level for
message 106100; valid values are from 0 to 7. The
default level is 6 (informational).
log The log option specifies logging action for the
ACE. If you do not specify the log keyword or you
specify the log default keyword, then message
106023 is generated when a packet is denied by the
ACE. If you specify the log keyword alone or with
a level or interval, then message 106100 is
generated when a packet is denied by the ACE.
Packets that are denied by the implicit deny at the
end of an access list are not logged. You must
implicitly deny packets with an ACE to enable
logging.