Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1712
Views
0
Helpful
0
Replies

ASA 9.6.2 IPv6 Prefix Delegation - Now what ? Firewall Rules ?

TFLASCHENTR_2
Level 1
Level 1

‎11-03-2016 12:23 AM - edited ‎03-01-2019 05:51 PM

Hi All,

after years of waiting i am very happy to finally have IPv6 prefix delegation feature on ASA 9.6.2.

(it was badly needed for SMB or small retailer shops, to deal with dynamic isp prefixes)

Seems to work as expected so far.

Now i am wondering how to write firewall rules which make sense ?

On Routers we have wildcard masks in ACLs, we can compensate for the dynamic prefix -

but on ASA we have not....

Any suggestions how to write firewalls rules for delegated prefixes which were obtained by

prefix delegation ?

In my oppinion it makes so real sense to have prefix delegation on a firewall without firewal-rule support...

I am missing the option to use my prefix placeholder for firewall rules, like

permit ip prefix-obtained-by-isp,AA:0:0:01/64 something like that...

Any hints on this ?

1 person had this problem
Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents