Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
547
Views
0
Helpful
2
Replies

access-list to IPv6 on Pix

sercopi
Level 1
Level 1

‎06-16-2006 06:35 AM - edited ‎02-21-2020 12:58 AM

Good evening I have a customer which would try IPv6 on his host.

His host server is allocated on a DMZ on my Pix 525 rel.7.1(2).

Now i must put an ACL that permit IPv6 on his host.

How can write an ACL to permit IPv6 traffic from and to this host server?

Any information that you can send ne are welcomed.

Best Regards

Davide

0 Helpful
2 Replies 2

a.kiprawih
Level 7
Level 7

‎06-16-2006 08:14 AM

Hi Davide,

The IPv6 ACL looks very similar to normal (IPv4) ACL, except for the 'ipv6' keyword and addressing part. You have to enable IPv6 on the DMZ interface and on the interface where the incoming IPv6 is coming, e.g outside interface. But you can also use dual-stack (IPv4-to-IPv6) if required.

Example

hostname(config)# ipv6 access-list id [line num] {permit | deny} protocol source

[src_port] destination [dst_port]

ipv6 access-list outacl permit tcp 2001:400:2:1::/64 2001:400:1:1::/64 eq www

More details on IPv6 ACL is available at:

http://www.cisco.com/en/US/partner/products/ps6120/products_configuration_guide_chapter09186a008054d50c.html

Rgds,

AK

0 Helpful

sercopi
Level 1
Level 1
In response to a.kiprawih

‎06-17-2006 02:49 AM

Hi Amrih,

thank's very much for your answer and for the link that you suggested me, it's the first time to me to configure IPv6 on a appliance.

I think I'll be use dual stack (IPv4-to-IPv6) because all my network address plan is IPv4, an this is the first request of IPv6 support.

Thank's very much for your support.

Best Regards

Davide

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card