ipv6 access-group

Applies rules specified in an IPv6 access control list (ACL) to traffic entering an interface.

Syntax

ipv6 access-group ACLname in
no ipv6 access-group ACLname in

Parameters

ACLname
Specifies the name of the standard or extended IPv6 access list.
in
Applies the ACL to incoming switched and routed traffic.

Modes

Interface subtype configuration mode

Usage Guidelines

Use this command to apply an IPv6 ACL to one of the following interface types:
  • User interfaces
    • Physical interfaces
    • Port-channels (LAGs)
    • Virtual Ethernet (VE) (attached to a VLAN or to a bridge domain)
  • The management interface
You can apply a maximum of five ACLs to a user interface, as follows:
  • One ingress MAC ACL—if the interface is in switchport mode
  • One egress MAC ACL—if the interface is in switchport mode
  • One ingress IPv4 ACL
  • One egress IPv4 ACL
  • One ingress IPv6 ACL
You can apply a maximum of two ACLs to the management interface, as follows:
  • One ingress IPv4 ACL
  • One ingress IPv6 ACL

You can apply an ACL to multiple interfaces.

To remove an ACL from an interface, enter the no form of this command.

Examples

The following example applies an IPv6 ACL on an Ethernet interface to incoming traffic. 
device# configure terminal
device(config)# interface ethernet 0/1
device(conf-if-eth-0/1)# ipv6 access-group ipv6_acl_7 in
The following example removes an IPv6 ACL from an Ethernet interface. 
device# configure terminal
device(config)# interface ethernet 0/1
device(conf-if-eth-0/1)# no ipv6 access-group ipv6_acl_7 in
9036689-01 Rev AA