cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4802
Views
4
Helpful
4
Replies

Allow DHCP6 through firewall?

jnojr
Level 1
Level 1

I'm looking for a quick-n-dirty of what needs to be allowed to pass through a firewall for DHCP6 to work. I know DHCP6 uses UDP546 on the client and UDP547 on the server. I also believe that there is some important ICMP traffic, but allowing all ipv6-icmp from the DHCP server isn't cutting the mustard. I have RFC 3315 open, but... well, it's an RFC, and my head is already hurting.



Specifically, I want to get this working with OSX 'Mountain Lion' and ip6fw.

4 Replies 4

Harold Ritter
Cisco Employee
Cisco Employee

Hi,

I am not sure what icmp messages you were referring to. Allowing udp 546 to udp 547 and vice versa should suffice for dhcpv6 to work.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

cadet alain
VIP Alumni
VIP Alumni

Hi,

The ICMP messages you're talking about are for  IPv6 ND features like NS/NA or RS/RA but not for DHCPv6.

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

Hi Alain,

These ICMPv6 messages are exchanged on the local subnet and will not traverse the FW unless it runs in transparent mode.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Hi Harold,

Yes you're correct I should have mentioned the mode had to be transparent, my bad.

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: