- Read Me First
- Preparing for Broadband Access Aggregation
- Providing Protocol Support for Broadband Access Aggregation of PPPoE Sessions
- PPP for IPv6
- DHCP for IPv6 Broadband
- Providing Protocol Support for Broadband Access Aggregation of PPP over ATM Sessions
- Providing Connectivity Using ATM Routed Bridge Encapsulation over PVCs
- PPPoE Circuit-Id Tag Processing
- Configuring PPP over Ethernet Session Limit Support
- PPPoE Session Limit Local Override
- PPPoE QinQ Support
- PPP-Max-Payload and IWF PPPoE Tag Support
- PPPoE Session Limiting on Inner QinQ VLAN
- PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
- Enabling PPPoE Relay Discovery and Service Selection Functionality
- Configuring Cisco Subscriber Service Switch Policies
- AAA Improvements for Broadband IPv6
- Per Session Queueing and Shaping for PPPoEoVLAN Using RADIUS
- 802.1P CoS Bit Set for PPP and PPPoE Control Frames
- PPP over Ethernet Client
- VRF Awareness Access Class Line
- PPPoE Smart Server Selection
- Monitoring PPPoE Sessions with SNMP
- PPPoE on ATM
- PPPoE on Ethernet
- PPPoE over VLAN Enhancements Configuration Limit Removal and ATM Support
- Configuring PPPoE over L2TPv3 Tunnels
- ADSL Support in IPv6
- Broadband IPv6 Counter Support at LNS
- PPP IP Unique Address and Prefix Detection
- PPP IPv4 Address Conservation in Dual Stack Environments
- TR-069 Agent
- Broadband High Availability Stateful Switchover
- Broadband High Availability In-Service Software Upgrade
- Controlling Subscriber Bandwidth
- PPPoE Service Selection
- Disabling AC-name and AC-cookie Tags from PPPoE PADS
- Broadband Smart Licensing
- Feature Information for VRF Awareness Access Class Line
- Restrictions for VRF Awareness Access-Class Line
- Information About VRF Awareness Access Class Line
- How to Configure VRF Awareness Access Class Line
- Configuration Examples for VRF Awareness Access Class Line
- Additional References for VRF Awareness Access Class Line
VRF Awareness Access Class Line
The VRF Awareness Access Class Line feature supports access-class command on the VTY line for IPv4 and IPv6.
- Feature Information for VRF Awareness Access Class Line
- Restrictions for VRF Awareness Access-Class Line
- Information About VRF Awareness Access Class Line
- How to Configure VRF Awareness Access Class Line
- Configuration Examples for VRF Awareness Access Class Line
- Additional References for VRF Awareness Access Class Line
Feature Information for VRF Awareness Access Class Line
The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.|
Feature Name |
Releases |
Feature Information |
|---|---|---|
|
VRF Awareness Access Class Line |
Cisco IOS XE Release 16.8.1 |
The VRF Awareness Access Class Line feature supports access-class command on the VTY line for IPv4 and IPv6. The following commands were introduced or modified by this feature: access-class acl-name in vrfname vrf, ipv6 access-class acl-name invrfname vrf. |
Restrictions for VRF Awareness Access-Class Line
-
The vrf-also keyword is mutually exclusive of access-class line command.
-
Multiple VRFs cannot be configured on a single access-class line command. For example: line vty 0 4 access-class acl1 in vrfA vrfB vrfc >>>ís not supported
-
When the vrf aware access-class line command for the same VRF is re-configured, the last configuration replaces the earlier one.
-
If the access-class line command is configured with multiple VRFs (for example, vrfA, vrfB, vrfC) on a VTY line and the traffic passes through a different VRF (for example, vrfD), then the packets are dropped.
-
There is only one vrf aware access-class line command for one VRF. For example: Line vty 0 4 Access-class acl-1 in vrfname vrfA Access-class acl-2 in vrfname vrfB Access-class acl-1 in vrfname vrfC
Information About VRF Awareness Access Class Line
VRF Awareness Access Class Line
You can control the accessibility of the virtual terminal lines (VTY) to a device by applying an access list to inbound VTYs. You can also control the destinations that the VTYs from a device can reach by applying an access list to outbound VTYs.
 Note | When you apply an access list to a VTY using the access-class command, the access list can be a numbered access list or a named access list. |
How to Configure VRF Awareness Access Class Line
Configure Access-Class on the VTY line
To configure the access-class command on the VTY line for IPv6, identify a specific line for configuration. Enter the line command with the optional line type VTY, which is the line number.
Device(config)# line vty 0 4 Device(config-line)# ipv6 access-class acl-name in vrfname vfrA
Note | You also can use the line command without specifying a line type. In this case, the line number is treated as an absolute line number. |
Configure Multiple Routing Tables or VRFs using Access-Class
To configure multiple routing tables or VRFs:
Device(config)# line vty 0 4 Device(config-line)# ipv6 access-class acl-1 in vrf vrfA Device(config-line)# ipv6 access-class acl-2 in vrf vrfB Device(config-line)# ipv6 access-class acl-1 in vrf vrfC
Configuration Examples for VRF Awareness Access Class Line
Example: VRF Awareness Access-Class for IPv4 and IPv6
line vty 0 4 access-class acl-1 in vrfname vrfA
line vty 0 5 ipv6 access-class acl-1 in vrfname MGMT ipv6 access-class acl-2 in vrfname LOOP
Additional References for VRF Awareness Access Class Line
Related Documents
|
Related Topic |
Document Title |
|---|---|
|
Cisco IOS commands |
MIBs
|
MIB |
MIBs Link |
|---|---|
|
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: |
Technical Assistance
|
Description |
Link |
|---|---|
|
The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies. To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password. |
Feedback