Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco asa 5505: No traffic lan to wan with IPv6

Hello everybody,

I have a Cisco ASA 5505, public ipv6 in outside interface, private ipv6 in LAN, from router I can ping any ipv6 in Internet and ping my LAN ipv6. Traffic doesn't go through router.

This is my configuration.

interface Vlan1
 nameif inside
 security-level 100
 ip address PRIV-Saturn1 255.255.255.0
 ipv6 address fc00::1/7
 ipv6 enable
!
interface Vlan2
 nameif outside
 security-level 0
 ip address PUBLIC26 255.255.255.248
 ipv6 address xxxx:yyyy:67:36::2/64
 ipv6 enable
 ipv6 nd suppress-ra

access-list Dynamic_Filter_ACL extended permit tcp any6 any6

ipv6 route outside ::/0 xxx:yyyy:67:36::1

 

Am I omitting anything?

Thanks in advance for the help.

 

Jos P

Everyone's tags (1)
1 REPLY
Hall of Fame Super Silver

Since you're using IPv6

Since you're using IPv6 private addressing (fc00::) on the inside, you need a dynamic NAT entry to translate your private IPv6 addresses to a public one.

Alternatively, you could just use a subnet of your registered IPv6 block for the inside network and not worry about NAT.

91
Views
0
Helpful
1
Replies