Cisco^® CCNA Exam Cram Notes : IPv6 access-list

VIII. Security Fundamentals

6. IPv6 access-list

The syntax for configuring ipv6 ACL is as given below:

deny | permit <protocol> { source-ipv6-prefix / prefix-length | any | host source-ipv6-address } [ operator [ port-number ]] {destination-ipv6-prefix/ prefix-length | any | host destination-ipv6-address } [ operator [ port-number ]] [ dscp value ] [ fragments ] [ log ] [ log-input ] [ sequence value ] [ time-range name ]

Example1: The command "deny tcp any any eq telnet" command restricts any host telnetting to any destination host

ipv6 access-list <access-list-name>

the command defines IPv6 access list name, and enter IPv6 access-list configuration mode.

Example2: deny ipv6 host 2001:db8:100::18 2001:db8:100::1/64

The statement deny ipv6 host 2001:db8:100::18 2001:db8:100::1/64 denies any ipv6 traffic with a source IP Address of - 2001:db8:100::18 that is destined for 2001:db8:100::1/64, That is the IP Address must match exactly

Example3: Step 1: Create an IPv6 ACL, and enter IPv6 access list configuration mode.

Switch#configure terminal
Switch(config)#ipv6 access-list <list-name>
Ex: Switch(config)#ipv6 access-list myipv6list
myipv6list is the list name.
Switch(config-ipv6-acl)#

Step 2: Configure the IPv6 ACL to block (deny) or pass (permit) traffic, use the command:

Switch(config-ipv6-acl)#deny | permit protocol
Ex.: Switch(config-ipv6-acl)#permit icmp any any

Step 3: Apply the IPv6 ACL to an interface. For router ACLs, you must also configure an IPv6 address on the Layer 3 interface to which the ACL is applied.

Step: 3.1
Switch# configure terminal
Switch(config)# interface interface-id

Ex: Switch(config)# interface gigabitethernet1/0/2

Switch(config-if)#no switchport ; this command enables switch interface for layer-3 operation.

Step 3.2 : ipv6 address <ipv6-address>

Ex: Switch(config-if)# ipv6 address 2001::/64 eui-64
Here you assigned an ipv6 address to the interface.

Step 3.3 : ipv6 traffic-filter <access-list-name> { in | out }

Switch(config-if)# ipv6 traffic-filter myipv6list out

here you applied the access-list to an out going interface.

Some of the widely used port numbers are given below:

CCNA Cram Notes Contents

• I. Networking Fundamentals
  • 1. Explain role and function of network components
    • 1.1 TCP and UDP
    • 1.2 TCP and UDP Frames
    • 1.3 Next-generation firewalls and IPS
    • 1.4 Access points
    • 1.5 Endpoints
    • 1.6 Routers,Switches and Servers
    • 1.7 Controllers (Cisco DNA Center and WLC)
  • 2. Network topologies and Flow control
    • 2.1 Different Types of N/w Topologies
    • 2.2 Ethernet and CSMA/CD
    • 2.3 3 tier
    • 2.4 2 tier
    • 2.5 Spine-leaf
    • 2.6 Small office/home office (SOHO)
  • 3. Compare physical interface and cabling types
    • 3.1. Single-mode fiber, multimode fiber,copper
    • 3.2 Connections (Ethernet shared media and point-to-point)
    • 3.3 Concepts of POE
  • 4. IPv4 Addressing
    • 4.1 Subnetting (IP4)
    • 4.2 VLSM
    • 4.3 Examples on subnetting
  • 5. IPv6 addressing
  • 6. Cloud computing
  • 7. Describe wireless principles
    • 7.1 Nonoverlapping Wi-Fi channels
    • 7.2 SSID
    • 7.3 RF
    • 7.4 Encryption
• II. Cisco IOS
  • 1. Cisco Router Architecture
    • 1.1 Block Diagram
    • 1.2 Architectural Components of a Router
    • 1.3 Memory Details of a Typical Cisco Router
  • 2. Cisco Router (25xx series) and its interfaces
    • 2.1 Interfaces Explained
    • 2.2 Console Port Configuration
  • 3. Router modes of operation
  • 4. Frequently used copy commands
  • 5. Different types of router passwords
• III. Routing Technologies
  • 1. Routed and Routing Protocol
  • 2. Routing protocol types
  • 3. Static and Default route
  • 4. Floating static route
  • 5. Distance vector and link-state routing protocols
  • 6. Interior and Exterior routing protocols
  • 7. OSPFv2 for IPv4
• IV. LAN Switching Technologies
  • 1. Introduction to Cisco Switches
  • 2. Switching methods
  • 3. File systems available in Catalyst switches and their usage
  • 4. Switch configuration commands
  • 5. VLANs and VTP
  • 6. Spanning Tree Protocol
  • 7. CDP and LLDP
  • 8. EtherChannel Configuration
• V. WAN Technologies
  • 1. WAN Terms
  • 2. PPP and MLPPP
  • 3. PPPoE
  • 4. MPLS
  • 5. MetroEthernet
  • 6. DTE and DCE
  • 7. Different cable types
  • 8. Interface specifications
  • 9. QoS
• VI. Network Access
  • 1. Wireless Architecture and AP modes
  • 2. Physical infrastructure connections of WLAN components
  • 3. Configure the components of a wireless LAN access for client connectivity using GUI
• VII. IP connectivity and Services
  • 1. DNS
  • 2. DHCP
  • 3. NAT
  • 4. FHRP
  • 5. HSRP
  • 6. NTP
  • 7. Capabilities and function of TFTP/FTP in the network
  • 8. SNMPv2 and SNMPv3
  • 9. Show commands and other related commands
• VIII. Security Fundamentals
  • 1. Security Concepts
  • 2. Describe Security Program elements
  • 3. Security Password policies elements
  • 4. Layer2 security features
  • 5. IPv4 access-list
  • 6. IPv6 access-list
  • 7. IP SLA
  • 8. AAA
  • 9. RADIUS Server
  • 10. TACACS+ Server
  • 11. VPN
  • 12. Wireless Security Protocols
• IX. Automation and Programmability
  • 1. SDN
  • 2. Capability of configuration management mechanism
  • 3. Interpret JSON encoded data
  • 4. Characteristics of Rest-based APIs
  • 5. Cisco DNA center
  • 6. Diagnostic commands
• X. Appendix
  • 1. IEEE standards
  • 2. OSI and DoD Models
  • 3. RIPv1 and RIPv2
  • 4. OSPFv3 for Ipv6
  • 5. EIGRP for IPv4
  • 6. EIGRP for IPv6