Re: [c-nsp] NXOS 7 apply VTY access-list to both IPv4 and IPv6
--- Begin Message --- Should be like this: tstevens-9236c-1(config)# line vty tstevens-9236c-1(config-line)# ip ip ipv6 tstevens-9236c-1(config-line)# ip access-class foo in tstevens-9236c-1(config-line)# ipv6 access-class bar in tstevens-9236c-1(config-line)# sh run | sec vty line vty access-class foo in ipv6 access-class bar in tstevens-9236c-1(config-line)# Hope that helps, Tim -Original Message- From: cisco-nsp On Behalf Of Francisco José Bernal Fernández Sent: Wednesday, January 13, 2021 9:37 AM To: Drew Weaver Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] NXOS 7 apply VTY access-list to both IPv4 and IPv6 Hi . You need to create ipv6 acces-list. Regards > El 13 ene 2021, a las 18:10, Drew Weaver escribió: > > Nevermind I actually figured this out. I had created the V6 ACL as a V4 ACL. > > Apologies for the bytes. > > -Original Message- > From: cisco-nsp On Behalf Of Drew Weaver > Sent: Wednesday, January 13, 2021 12:01 PM > To: 'cisco-nsp@puck.nether.net' > Subject: [c-nsp] NXOS 7 apply VTY access-list to both IPv4 and IPv6 > > Hello, > > I am doing basic configuration on a switch with NXOS 7. It seems to not want > to let me specify different ACLs per "address family" even though it seems to > imply that it should be possible. If I enter the command as "ip access-class > V4ACL in" and then try to enter "ipv6 access-class V6ACL in" it says: ACL > with given name exists with different type > > It is not a huge deal because CoPP filters it first, but I would like to do > it for the sake of paranoia and consistency. > > It doesn't seem to be possible to create an ACL that is both IPv4 and IPv6 on > this platform, so I am not entirely certain how you do this. > > Thanks, > -Drew > > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://urldefense.proofpoint.com/v2/url?u=https-3A__puck.nether.net_mailman_listinfo_cisco-2Dnsp&d=DwICAg&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=OPufM5oSy-PFpzfoijO_w76wskMALE1o4LtA3tMGmuw&m=_0xdyUFzHei0BVlt5FeNWn1NB6M1VAlq8UquBTATmY8&s=zdo83IO7gCmeeQPmDv_zrwEhIS5FRVbvUttgzMeSEkg&e= > archive at > https://urldefense.proofpoint.com/v2/url?u=http-3A__puck.nether.net_pipermail_cisco-2Dnsp_&d=DwICAg&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=OPufM5oSy-PFpzfoijO_w76wskMALE1o4LtA3tMGmuw&m=_0xdyUFzHei0BVlt5FeNWn1NB6M1VAlq8UquBTATmY8&s=HavN1jnpsgGQa4V-PZQAKKapytaGyR47SsWz81CBTsg&e= > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ --- End Message --- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] NXOS 7 apply VTY access-list to both IPv4 and IPv6
Hi . You need to create ipv6 acces-list. Regards > El 13 ene 2021, a las 18:10, Drew Weaver escribió: > > Nevermind I actually figured this out. I had created the V6 ACL as a V4 ACL. > > Apologies for the bytes. > > -Original Message- > From: cisco-nsp On Behalf Of Drew Weaver > Sent: Wednesday, January 13, 2021 12:01 PM > To: 'cisco-nsp@puck.nether.net' > Subject: [c-nsp] NXOS 7 apply VTY access-list to both IPv4 and IPv6 > > Hello, > > I am doing basic configuration on a switch with NXOS 7. It seems to not want > to let me specify different ACLs per "address family" even though it seems to > imply that it should be possible. If I enter the command as "ip access-class > V4ACL in" and then try to enter "ipv6 access-class V6ACL in" it says: ACL > with given name exists with different type > > It is not a huge deal because CoPP filters it first, but I would like to do > it for the sake of paranoia and consistency. > > It doesn't seem to be possible to create an ACL that is both IPv4 and IPv6 on > this platform, so I am not entirely certain how you do this. > > Thanks, > -Drew > > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://urldefense.proofpoint.com/v2/url?u=https-3A__puck.nether.net_mailman_listinfo_cisco-2Dnsp&d=DwICAg&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=OPufM5oSy-PFpzfoijO_w76wskMALE1o4LtA3tMGmuw&m=_0xdyUFzHei0BVlt5FeNWn1NB6M1VAlq8UquBTATmY8&s=zdo83IO7gCmeeQPmDv_zrwEhIS5FRVbvUttgzMeSEkg&e= > archive at > https://urldefense.proofpoint.com/v2/url?u=http-3A__puck.nether.net_pipermail_cisco-2Dnsp_&d=DwICAg&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=OPufM5oSy-PFpzfoijO_w76wskMALE1o4LtA3tMGmuw&m=_0xdyUFzHei0BVlt5FeNWn1NB6M1VAlq8UquBTATmY8&s=HavN1jnpsgGQa4V-PZQAKKapytaGyR47SsWz81CBTsg&e= > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] NXOS 7 apply VTY access-list to both IPv4 and IPv6
Nevermind I actually figured this out. I had created the V6 ACL as a V4 ACL. Apologies for the bytes. -Original Message- From: cisco-nsp On Behalf Of Drew Weaver Sent: Wednesday, January 13, 2021 12:01 PM To: 'cisco-nsp@puck.nether.net' Subject: [c-nsp] NXOS 7 apply VTY access-list to both IPv4 and IPv6 Hello, I am doing basic configuration on a switch with NXOS 7. It seems to not want to let me specify different ACLs per "address family" even though it seems to imply that it should be possible. If I enter the command as "ip access-class V4ACL in" and then try to enter "ipv6 access-class V6ACL in" it says: ACL with given name exists with different type It is not a huge deal because CoPP filters it first, but I would like to do it for the sake of paranoia and consistency. It doesn't seem to be possible to create an ACL that is both IPv4 and IPv6 on this platform, so I am not entirely certain how you do this. Thanks, -Drew ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://urldefense.proofpoint.com/v2/url?u=https-3A__puck.nether.net_mailman_listinfo_cisco-2Dnsp&d=DwICAg&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=OPufM5oSy-PFpzfoijO_w76wskMALE1o4LtA3tMGmuw&m=_0xdyUFzHei0BVlt5FeNWn1NB6M1VAlq8UquBTATmY8&s=zdo83IO7gCmeeQPmDv_zrwEhIS5FRVbvUttgzMeSEkg&e= archive at https://urldefense.proofpoint.com/v2/url?u=http-3A__puck.nether.net_pipermail_cisco-2Dnsp_&d=DwICAg&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=OPufM5oSy-PFpzfoijO_w76wskMALE1o4LtA3tMGmuw&m=_0xdyUFzHei0BVlt5FeNWn1NB6M1VAlq8UquBTATmY8&s=HavN1jnpsgGQa4V-PZQAKKapytaGyR47SsWz81CBTsg&e= ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] NXOS 7 apply VTY access-list to both IPv4 and IPv6
Hello, I am doing basic configuration on a switch with NXOS 7. It seems to not want to let me specify different ACLs per "address family" even though it seems to imply that it should be possible. If I enter the command as "ip access-class V4ACL in" and then try to enter "ipv6 access-class V6ACL in" it says: ACL with given name exists with different type It is not a huge deal because CoPP filters it first, but I would like to do it for the sake of paranoia and consistency. It doesn't seem to be possible to create an ACL that is both IPv4 and IPv6 on this platform, so I am not entirely certain how you do this. Thanks, -Drew ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
