ProSafe M4100 and M7100 Managed Switches

Note that the order of the rules is important: When a packet matches multiple rules, the first rule takes precedence. Also, once you define an ACL for a given port, all traffic not specifically permitted by the ACL is denied access.

Interface 1/0/1

GSM73xxS

2001:0DB8:c0ab:ac11::/64

2001:0DB8:c0ab:ac14::/64

2001:0DB8:c0ab:ac12::/64 2001:0DB8:c0ab:ac13::/64

IPv6 HTTP traffic

IPv6 Telnet traffic

IPv6 Any other traffic

Figure 21. IPv6 ACLs

The script in this section shows you how to set up an IPv6 ACL with the following three rules:

Rule-1. Permits every traffic to the destination network 2001:DB8:C0AB:AC14::/64.

Rule-2. Permits IPv6 TELNET traffic to the destination network 2001:DB8:C0AB:AC13::/64.

Rule-3. Permits IPv6 HTTP traffic to any destination.

CLI: Configure an IPv6 ACL

1.Create the access control list with the name ipv6-acl.

(Netgear Switch) (Config)# ipv6 access-list ipv6-acl

2.Define three rules to:

Permit any IPv6 traffic to the destination network 2001:DB8:C0AB:AC14::/64 from the source network 2001:DB8:C0AB:AC11::/64.

184 Chapter 10. ACLs

Page 184
Image 184
NETGEAR M7100, M4100 manual CLI Configure an IPv6 ACL, Create the access control list with the name ipv6-acl