IPv6 ipsec tunnel

corentin.villa1
Level 1

I want to add an IPv6 access-list to my crypto map but I get an ERROR

ipv6 access-list extended-ipv6 permit ip PT_MID_ipv6/64 2a1:cd00:1b0::/64

ciscoasa(config)#  crypto map int_OetM_map3 1 match address extended-ipv6
ERROR: access-list should be of type extended

ipv6 access-list is extended by default, isn't it?

6 Replies

Seb Rupik
VIP Alumni

Hi there,

According to ASA documentation extended is an option:

8.x

http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/acl_extended.html#wp1074591

9.x

http://www.cisco.com/c/en/us/td/docs/security/asa/asa92/configuration/general/asa-general-cli/acl-extended.html#pgfId-1074591

cheers,

Seb.

I agree with you for the IPv4 access-list but it doesn't work for the IPv6 access-list

http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/acl_ipv6.html#wp1075978

Hello again,

What version of ASA-OS are you running? 

Unless someone answers beforehand I'll load it up and take a look.

cheers,

Seb.


Cisco Adaptive Security Appliance Software Version 9.1(6)10
Device Manager Version 7.4(3)

OK so I tried it, but the ACL command you used is flagged as deprecated and will not take:

ciscoasa# sh ver | inc image
System image file is "disk0:/asa916-10-k8.bin"
ciscoasa# conf t
ciscoasa(config)# ipv6 access-list extended permit ip 2001:630:d0::/64 2a1:cd00:1b0::/64
INFO: ipv6 access-list is deprecated. Please use unified access-list
ciscoasa(config)# access-list extended-ipv6 extended permit ip 2001:630:d0::/64 2a1:cd00:1b0::/64
ciscoasa(config)# end
ciscoasa# sh run access-list
access-list extended-ipv6 extended permit ip 2001:630:d0::/64 2a1:cd00:1b0::/64

I can't see how you managed to add that ACL unless it was to a running-config on an older ASA-OS. Can't you rewrite your ACLs to use the unified format?

cheers,

Seb.

As of 9.0, IPv4 and IPv6 access-lists and access-groups were unified.  The "any" keyword is now dual-protocol; for v4-only or v6-only rules use "any4" or "any6" instead.

-- Jim Leinweber, WI State Lab of Hygiene
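Putting the thread together for the original question: the crypto map rejects the deprecated "ipv6 access-list" object, and the unified ACL from Seb's session is the form it accepts. The configuration below is an added illustration written for this page, not something any of the posters ran. The ACL name, crypto map name and sequence number are the ones from the question, the prefixes are the ones Seb used, and the commented "any6" line only illustrates Jim's note about protocol-specific keywords (it is not a recommendation for a crypto ACL, which should normally name both networks).

```text
! Unified ACL (ASA 9.0 and later): "extended" is the ACL type, and IPv6 prefixes
! are written directly in the same access-list command used for IPv4
access-list extended-ipv6 extended permit ip 2001:630:d0::/64 2a1:cd00:1b0::/64
!
! A v6-only rule with an unrestricted side uses any6, since plain "any" now
! matches both IPv4 and IPv6 (from Jim's note; shown as a comment only)
! access-list extended-ipv6 extended permit ip 2001:630:d0::/64 any6
!
! The crypto map line from the question now binds, because the ACL is of type extended
crypto map int_OetM_map3 1 match address extended-ipv6
!
! Checks: confirm the ACL type and contents, then the crypto map binding
show running-config access-list extended-ipv6
show access-list extended-ipv6
show running-config crypto map
```

If the running configuration still contains lines beginning "ipv6 access-list", they predate the unified format and need to be re-entered as "access-list NAME extended ..." entries before the crypto map will accept them.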