To add an ACE to the end of an ACL:
Procedure
-
Use the
ipv6 access-list
name-str
command to enter the context for a specific IPv6 ACL. (If the ACL does not exist in the switch configuration, this command creates it.)
-
Enter the text of the ACE without specifying a sequence number.
-
For example, the following pairs of commands enter the context of an ACL named "List-1" and add a "permit" ACE to the end of the list. This new ACE permits the IPv6 traffic from the device at 2001:db8:0:a9:8d:100 to go to all destinations.
Switch(config)# ipv6 access-list List-1
Switch(config-ipv6-acl)# permit host 2001:db8:0:a9::8d:100 any
To insert an ACE anywhere in an existing ACL:
Enter the context of the ACL and specify a sequence number.
To insert a new ACE
To insert a new ACE as line 15 between lines 10 and 20 in an existing ACL named "List-2" to deny traffic from the device at 2001:db8:0:a9::8d:77:
Switch(config)# ipv6 access-list List-2
Switch(config-ipv6-acl)# deny host 2001:db8:0:a9::8d:77 any