Can anyone confirm that IPv6 ACLs successfully match packets on upper layer protocols (ULP) such as TCP even when the Hop-by-Hop EH (extension header) is present?
I found some information regarding matching ULPs when the AH extension header is present but have been unable to do the same for the Hop-by-Hop EH. (http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-sec_trfltr_fw.html#wp1072428) Cheers Ivan _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
