Configuring IPv4 and IPv6 Access Control Lists
Removes this entry from the IPv4-ACL (x3).
Removing IP Filters from an Existing IPv6-ACL
To remove configured entries from an IPv6-ACL, follow these steps:
Procedure
Step 1
switch# configure terminal
switch(config)#
Enters configuration mode.
Step 2
switch(config)# ipv6 access-list List3
switch(config-ipv6-acl)#
Configures an IPv6-ACL and enters IPv6-ACL configuration submode.
Step 3
switch(config-ipv6-acl)# no deny tcp 2001:0DB8:800:2010::/64 eq port 5 any
Removes the TCP entry from the IPv6-ACL.
Step 4
switch(config-ipv6-acl)# no deny ip any any
Removes the IP entry from the IPv6-ACL.
Verifying the IPv4-ACL or IPv6-ACL Configuration
Use the show ip access-list command to view the contents of configured IPv4-ACLs. An IPv4-ACL can have
one or more filters. (See the following examples).
Displays Filters Configured for an IPv4-ACL
switch# show ip access-list abc
ip access-list abc permit tcp any any (0 matches)
ip access-list abc permit udp any any (0 matches)
ip access-list abc permit icmp any any (0 matches)
ip access-list abc permit ip 10.1.1.0 0.0.0.255 (2 matches)
ip access-list abc permit ip 10.3.70.0 0.0.0.255 (7 matches)
Displays Configured IPv6-ACLs
Use the show ipv6 access-list command to view the contents of configured access filters. Each access
filter can have several conditions. (See the following examples).
Removing IP Filters from an Existing IPv6-ACL
Cisco MDS 9000 Series Security Configuration Guide, Release 8.x
109