we followed the instructions on how to enable anyconnect for IPv6. They seem to be dated since they mention that ASDM does not support IPv6 but it does.
The problem is as follows: when an anyconnect client connects to the external IPv6 address of the ASA then the ASA does not see that as SSL VPN connection but drops it.
3 Aug 07 2009 13:54:17 710003 2001:610:b20:b02:21b:63ff:fe01:601c 50756 ochre6-ext 443 TCP access denied by ACL from 2001:610:b20:b02:21b:63ff:fe01:601c/50756 to outside:ochre6-ext/443
It seems as if the SSL VPN option on the interface doesnot apply to IPv6. Does anyone know how I could enable this for IPv6 SSL VPNs to be accepted?
Also there is a difference in the way Anyconnect works on VISTA and on OS X.
On OS X the Anyconnect Client accepts IPv6 adresses as VPN gateway and tries to establish a native IPv6 SSL VPN. But it does not work because of the above described. If an IPv4 VPN is established the IPv4 client does not get an IPv6 pool address.
On VISTA the Anyconnect client does not seem to accept native IPv6 addresses for the VPN Gateway address. However if an IPv4 tunnel is established clients get both an IPv4 and an IPv6 pool address.
I am now confused as to what is supposed to work and how. Our goal would be to establish native IPv6 anyconnect VPNs.