Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Allow DHCP6 through firewall?

I'm looking for a quick-n-dirty of what needs to be allowed to pass through a firewall for DHCP6 to work. I know DHCP6 uses UDP546 on the client and UDP547 on the server. I also believe that there is some important ICMP traffic, but allowing all ipv6-icmp from the DHCP server isn't cutting the mustard. I have RFC 3315 open, but... well, it's an RFC, and my head is already hurting.



Specifically, I want to get this working with OSX 'Mountain Lion' and ip6fw.

Everyone's tags (3)
4 REPLIES
Cisco Employee

Allow DHCP6 through firewall?

Hi,

I am not sure what icmp messages you were referring to. Allowing udp 546 to udp 547 and vice versa should suffice for dhcpv6 to work.

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
Purple

Allow DHCP6 through firewall?

Hi,

The ICMP messages you're talking about are for  IPv6 ND features like NS/NA or RS/RA but not for DHCPv6.

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
Cisco Employee

Allow DHCP6 through firewall?

Hi Alain,

These ICMPv6 messages are exchanged on the local subnet and will not traverse the FW unless it runs in transparent mode.

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
Purple

Allow DHCP6 through firewall?

Hi Harold,

Yes you're correct I should have mentioned the mode had to be transparent, my bad.

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
1857
Views
4
Helpful
4
Replies
CreatePlease to create content