Unable to reach internet using IPv6 network for LAN

Description

This article covers a use case scenario should a customer receive a block of IPv6 global IPs and decides to subnet it for their LAN network.

 

 

Cause

Service Provider filters traffic on edge routers using prefix-list, since BGP consumes an important amount of CPU, so they filter advertisement routes from client, and packets that don't match the prefix-list are dropped. This means if we do a packet capture on the SonicWall we will be able to see upstream traffic coming from LAN subnet but there is no downstream traffic.

See packet capture done below for more details :

 

 

 Image

Resolution

By default, an IPv6 NAT policy is not automatically created when enabling IPv6. Create an IPv6 NAT policy using the following article: LAN to WAN IPv6 traffic need manually add NAT policy.

 

Related Articles

  • How to block ICMP (Ping ) using Application control
    Read More
  • SonicWall GEN8 TZ and NSa Firewalls FAQ
    Read More
  • How to configure Link Aggregation
    Read More

Categories

Firewalls
SonicWall NSA Series
Firewalls
SonicWall SuperMassive 9000 Series
Firewalls
SonicWall SuperMassive E10000 Series
Firewalls
TZ Series
not finding your answers?
Ask the Community