Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Cisco>
  3. NSP
NXOS 7 apply VTY access-list to both IPv4 and IPv6
drew.weaver at thenap
Jan 13, 2021, 9:01 AM
Post #1 of 4 (606 views)
Permalink
Hello,

I am doing basic configuration on a switch with NXOS 7. It seems to not want to let me specify different ACLs per "address family" even though it seems to imply that it should be possible. If I enter the command as "ip access-class V4ACL in" and then try to enter "ipv6 access-class V6ACL in" it says: ACL with given name exists with different type

It is not a huge deal because CoPP filters it first, but I would like to do it for the sake of paranoia and consistency.

It doesn't seem to be possible to create an ACL that is both IPv4 and IPv6 on this platform, so I am not entirely certain how you do this.

Thanks,
-Drew

_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: NXOS 7 apply VTY access-list to both IPv4 and IPv6 [ In reply to ]
drew.weaver at thenap
Jan 13, 2021, 9:06 AM
Post #2 of 4 (606 views)
Permalink
Nevermind I actually figured this out. I had created the V6 ACL as a V4 ACL.

Apologies for the bytes.

-----Original Message-----
From: cisco-nsp <cisco-nsp-bounces@puck.nether.net> On Behalf Of Drew Weaver
Sent: Wednesday, January 13, 2021 12:01 PM
To: 'cisco-nsp@puck.nether.net' <cisco-nsp@puck.nether.net>
Subject: [c-nsp] NXOS 7 apply VTY access-list to both IPv4 and IPv6

Hello,

I am doing basic configuration on a switch with NXOS 7. It seems to not want to let me specify different ACLs per "address family" even though it seems to imply that it should be possible. If I enter the command as "ip access-class V4ACL in" and then try to enter "ipv6 access-class V6ACL in" it says: ACL with given name exists with different type

It is not a huge deal because CoPP filters it first, but I would like to do it for the sake of paranoia and consistency.

It doesn't seem to be possible to create an ACL that is both IPv4 and IPv6 on this platform, so I am not entirely certain how you do this.

Thanks,
-Drew

_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net https://urldefense.proofpoint.com/v2/url?u=https-3A__puck.nether.net_mailman_listinfo_cisco-2Dnsp&d=DwICAg&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=OPufM5oSy-PFpzfoijO_w76wskMALE1o4LtA3tMGmuw&m=_0xdyUFzHei0BVlt5FeNWn1NB6M1VAlq8UquBTATmY8&s=zdo83IO7gCmeeQPmDv_zrwEhIS5FRVbvUttgzMeSEkg&e=
archive at https://urldefense.proofpoint.com/v2/url?u=http-3A__puck.nether.net_pipermail_cisco-2Dnsp_&d=DwICAg&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=OPufM5oSy-PFpzfoijO_w76wskMALE1o4LtA3tMGmuw&m=_0xdyUFzHei0BVlt5FeNWn1NB6M1VAlq8UquBTATmY8&s=HavN1jnpsgGQa4V-PZQAKKapytaGyR47SsWz81CBTsg&e=
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: NXOS 7 apply VTY access-list to both IPv4 and IPv6 [ In reply to ]
fj.bernal at brnet
Jan 13, 2021, 9:37 AM
Post #3 of 4 (606 views)
Permalink
Hi .

You need to create ipv6 acces-list.

Regards

> El 13 ene 2021, a las 18:10, Drew Weaver <drew.weaver@thenap.com> escribió:
>
> ?Nevermind I actually figured this out. I had created the V6 ACL as a V4 ACL.
>
> Apologies for the bytes.
>
> -----Original Message-----
> From: cisco-nsp <cisco-nsp-bounces@puck.nether.net> On Behalf Of Drew Weaver
> Sent: Wednesday, January 13, 2021 12:01 PM
> To: 'cisco-nsp@puck.nether.net' <cisco-nsp@puck.nether.net>
> Subject: [c-nsp] NXOS 7 apply VTY access-list to both IPv4 and IPv6
>
> Hello,
>
> I am doing basic configuration on a switch with NXOS 7. It seems to not want to let me specify different ACLs per "address family" even though it seems to imply that it should be possible. If I enter the command as "ip access-class V4ACL in" and then try to enter "ipv6 access-class V6ACL in" it says: ACL with given name exists with different type
>
> It is not a huge deal because CoPP filters it first, but I would like to do it for the sake of paranoia and consistency.
>
> It doesn't seem to be possible to create an ACL that is both IPv4 and IPv6 on this platform, so I am not entirely certain how you do this.
>
> Thanks,
> -Drew
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp@puck.nether.net https://urldefense.proofpoint.com/v2/url?u=https-3A__puck.nether.net_mailman_listinfo_cisco-2Dnsp&d=DwICAg&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=OPufM5oSy-PFpzfoijO_w76wskMALE1o4LtA3tMGmuw&m=_0xdyUFzHei0BVlt5FeNWn1NB6M1VAlq8UquBTATmY8&s=zdo83IO7gCmeeQPmDv_zrwEhIS5FRVbvUttgzMeSEkg&e=
> archive at https://urldefense.proofpoint.com/v2/url?u=http-3A__puck.nether.net_pipermail_cisco-2Dnsp_&d=DwICAg&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=OPufM5oSy-PFpzfoijO_w76wskMALE1o4LtA3tMGmuw&m=_0xdyUFzHei0BVlt5FeNWn1NB6M1VAlq8UquBTATmY8&s=HavN1jnpsgGQa4V-PZQAKKapytaGyR47SsWz81CBTsg&e=
> _______________________________________________
> cisco-nsp mailing list cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: NXOS 7 apply VTY access-list to both IPv4 and IPv6 [ In reply to ]
cisco-nsp at puck
Jan 13, 2021, 9:49 AM
Post #4 of 4 (606 views)
Permalink
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Attached Files:

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal