Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsW-3200
221222223224225226227228229230
f. Select svc-https from the scrolling list.
g. Click Add.
.
Rules can be reordered using the up and down arrow buttons provided for each rule.
7. Click Apply. The policy is not created until the configuration is applied.
To create an IPv6 firewall policy using the command-line interface, issue the following commands in config
mode:
ip access-list session ipv6-web-only
ipv6 network 2002:d81f:f9f0:1000::/64 any svc-http permit
ipv6 network 2002:d81f:f9f0:1000::/64 any svc-https permit
Assigning an IPv6 Policy to a User Role
To assign an IPv6 policy using the WebUI:
1. Navigate to the Configuration > Security > Access Control > User Roles page.
2. Click Add to create a new user role.
3. Enter web-guest for Role Name.
4. Under Firewall Policies, click Add. From Choose from Configured Policies, select the ipv6-web-only” IPv6
session policy from the list.
5. Click Done to add the policy to the user role.
6. Click Apply.
To assign an IPv6 policy to a user role via the command-line interface, issue the following command in config
mode:
user-role web-guest
access-list session ipv6-web-only position 1
Understanding DHCPv6 Passthrough/Relay
The controller forwards DHCPv6 requests from IPv6 clients to the external IPv6 router. On the external IPv6
router, you must configure the controller’s IP address as the DHCP relay. You do not need to configure an IP
helper address on the controller to forward DHCPv6 requests.
Managing IPv6 User Addresses
Viewing or Deleting User Entries
To view or delete IPv6 user entries via the WebUI:
1. Navigate to the Monitoring > Controller > Clients page.
2. Click the IPv6 tab to display IPv6 clients.
3. To delete an entry in the IPv6 client display, click the radio button to the left of the client and then click
Disconnect.
To view user entries for IPv6 clients using the command line interface, use the show user-table command in
enable mode. To delete a user entry for an IPv6 client, access the CLI in config mode and use the aaa ipv6
user delete command. For example:
(host)(config) #aaa ipv6 user delete 2002:d81f:f9f0:1000:e409:9331:1d27:ef44
Dell Networking W-Series ArubaOS 6.4.x | User Guide IPv6 Support | 222