I have been looking for some level of information related to Anyconnect ipv6 & DNS to no alive.
my customer is currently facing with an issue, once the Laptop goes in to sleep mode and awakes within their local network the trusted dns does not work as the IPv6 DNS entry is not released.
let me explain
per customer's research this issue is related to DSL clients with Speedport DSL or Fritzbox DSL box. they are announcing IPv6 settings in some version of their OS. If the client on this environment put their notebook into sleep mode and reopen it within customer local network, the trusted dns does not work as the IPv6 DNS entry is not released. This brings the AC to the assumption that it is not within the trustet network and tries to open the VPN connection. There is a workaround announced by cisco to enter a " *.* " to the trusted dns server list but this is not a solution as the IPv6 only clines will appear soon. As these homeoffice DNS servers are then recognized as trusted the vpn enforcement will not apply.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...