Use this procedure for applying an IPv4 or IPv6 ACL to a physical interface, using the ip/ipv6 access-group command.
device# configure terminal
device(config)# interface ethernet 0/2
device(conf-if-eth-0/2)# ip access-group test_02 out
device(conf-if-eth-0/2)# ipv6 access-group stdV6ACL_1 in
device(conf-if-eth-0/2)# ip access-group test_02 out
device(conf-if-eth-0/2)# ipv6 access-group stdV6ACL_1 in
device# configure device(config)# interface ethernet 0/2 device(conf-if-eth-0/9)# ip access-group ipacl2 inThe following example applies an IPv6 ACL to a physical interface.
device# configure device(config)# interface ethernet 0/2 device(conf-if-eth-0/2)# ipv6 access-group ip_acl_1 in device(conf-if-eth-0/2)# do show access-list ipv6 ip_acl_1 in ipv6 access-list ip_acl_1 on ethernet 0/22 at Ingress (From User) seq 10 deny ipv6 2001:2002:1234:1::/64 2001:1001:1234:1::/64 count (Active)