10-12
Device Manager Guide, Cisco ACE 4700 Series Application Control Engine Appliance
OL-26645-02
Chapter 10 Configuring Network Access
Configuring Virtual Context VLAN Interfaces
Enable Normalization Check the check boxes to indicate that normalization is to be enabled on
this interface for IPv4, IPv6, or both.
Clear the check box to indicate that normalization is to be disabled on
this interface.
Caution Disabling normalization may expose your ACE appliance and
network to potential security risks. Normalization protects
your networking environment from attackers by enforcing
strict security policies that are designed to examine traffic for
malformed or malicious segments.
Enable IPv6 Check the check box to enable IPv6 on this interface. By default, IPv6
is disabled. The interface cannot be in bridged mode. When you enable
IPv6, the ACE automatically does the following:
• Configures a link-local address (if not previously configured)
• Performs duplicate address detection (DAD)
Clear the check box to indicate that IPv6 is disabled on this interface.
IPv6 Global Address A global address is an IPv6 unicast address that is used for general IPv6
communication. Each global address is unique across the entire Internet.
Therefore, its scope is global. The low order 64 bits can be assigned in
several ways, including autoconfiguration using the EUI-64 format. You
can configure only one globally unique IPv6 address on an interface.
When you configure a global IPv6 address on an interface, the ACE
automatically does the following:
• Configures a link-local address (if not previously configured)
• Performs duplicate address detection (DAD) on both addresses
IPv6 Address To configure an IPv6 global address on an interface, enter a complete
IPv6 address with a prefix of 2000::/3 to 3fff::/3. For example, enter
2001:DB8:1::0.
Check the EUI-64 box to specify that the low order 64 bits are
automatically generated in the IEEE 64-bit Extended Unique Identifier
(EUI-64) format specified in RFC 2373. To use EUI-64, the Prefix
Length field must be less than or equal to 64 and the host segment must
be all zeros.
Table 10-3 VLAN Interface Attributes (continued)
Field Description
Comments to this Manuals