ACL configuration on IPv6

Posted: 19 Apr 2017 in ipv6
Tags: , , , , ,

This tutorial is all about how to configure IPv6 ACL on cisco Router.Here in this example lab we have shown ACL configuration on Cisco Router using cisco packet tracer software.Before we start configuring ACL on IPv6 i want to inform you that on IPV6 we only use Name Based Extended ACL


STEP 1:First Draw the Network Topology Diagram.

ipv6 acl


STEP 2: Assign IPv6 Address on Routers and PC as mentioned in Above Diagram.



Router#config t

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#ipv6 unicast-routing

Router(config)#int fa0/0

Router(config-if)#ipv6 add 2000::1/64

Router(config-if)#no shut


Router(config)#int fa0/1

Router(config-if)#ipv6 add 2001::1/64

Router(config-if)#no shut


STEP 3:Configure Name Based Extended ACL on Router now.

Block web server for host 2000::2/64  but allow FTP server


Router(config)#ipv6 access-list CCNA

Router(config-ipv6-acl)#deny tcp host 2000::2 host 2001::3 eq 80

Router(config-ipv6-acl)#permit tcp host 2000::2 host 2001::2 eq 21


 Block FTP server for host 2000::3/64  but allow WEB Server access for him.


Router(config-ipv6-acl)#permit tcp host 2000::3 host 2001::3 eq 80

Router(config-ipv6-acl)#deny tcp host 2000::3 host 2001::2 eq 21


STEP 4: Now tell the Router Interface about the ACL NAME you have created above.


Router(config)#int fa0/0

Router(config-if)#ipv6 traffic-filter CCNA in



STEP 5:Check Your Configuration from Host 2000::2/64


You must be able to access FTP server but can’t access WEB server


STEP 6: Check your Configuration From HOST 2000::3/64


You must be able to access WEB server but you cant Access FTP server.


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.