The IP inspect uses CBAC which works the same way as SPI function on a regular firewall. There are 3 steps.
1. configure NAT/PAT (which you have done)
2. Allow the required traffic outbound (ACL)
3. Create the IP inspect rules and apply them to the interface. The IP inspect rules should contain the traffic that should be permitted back in (replies to outbound requests) even though the ACL denies
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...