NAT firewall for IPv6?

• Previous message (by thread): NAT firewall for IPv6?
• Next message (by thread): NAT firewall for IPv6?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 5 July 2016 at 17:40, Lee <ler762 at gmail.com> wrote:

>
> Right.  But how long is it going to take to secure the Palo Alto firewall?
> If the central Cisco Catalyst really is an IPv6 router, doing a
> conf t
> ipv6 access-list denyIPv6
>   deny ipv6 any any
>
> interface [whatever connects to the ISP]
>  ipv6 traffic-filter denyIPv6 in
>  ipv6 traffic-filter denyIPv6 out
> end
> would be a quick fix for the firewall not doing any ipv6 filtering.
>

Nope, that is not going to stop his IPv6 address from appearing, which I
will bet you good money is in the range of fe80::/64.

• Previous message (by thread): NAT firewall for IPv6?
• Next message (by thread): NAT firewall for IPv6?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]