[c-nsp] Why doesn't this IPv6 ACL work?
Seth Mattinen
sethm at rollernet.us
Mon Jun 21 22:30:45 EDT 2010
On 6/21/2010 19:14, Billy Guthrie wrote:
> Seth,
>
> can you post line by line (including creation of the ACL list number)
> the commands you are entering?
Just this, loaded via TFTP:
1 !
2
3 no ipv6 access-list fw-timmy_6-in
4 ipv6 access-list fw-timmy_6-in
5
6 permit ipv6 2607:fe70:0:1::/64 any
7
8 !
9
10 no ipv6 access-list fw-timmy_6-out
11 ipv6 access-list fw-timmy_6-out
12
13 permit icmp any 2607:fe70:0:1::/64
14 permit tcp any 2607:fe70:0:1::/64 established
15
16
17 permit tcp any host 2607:fe70::1:2c0:f0ff:fe5a:abe8 eq 25 !error
18 permit tcp any host 2620:0:950:1:2c0:f0ff:fe5a:abe8 eq 25 !ok
19
20 !
21 end
> Maybe even a sanitized config?
> What IOS version are you running?
>
12.2(53)SE2
~Seth
More information about the cisco-nsp
mailing list