Hi all,So i've spent at least 2 days trying to get IPv6 working correctly at home. I'm at a point where I can at least get ICMP replies back from ipv6.google.com on the console of the ASA but not from a client (Win8 or Win 2012).I have no idea where i'm going wrong with this...Topology is currently:Internet -> Fritz!Box 7390 VDSL router (Snap!) -> ASA5505 -> Inside switch -> ClientASA is in routed firewall mode. IPv4 connectivity is working perfectly. Software version is 9.1(1)Outside interface (VLAN2) is being autoconfigured via SLAAC (not dhcpv6) - this is workingInside interface (VLAN1) I want to have autoconfigured, but this doesn't work for some reason. Perhaps I need to configure an ACL, I don't know what the ACL should be. Setting the IPv6 address manually is fine and I can ping it from a client and the client picks up an autoconfigured address in the same subnet.I've configured a default route for ::/0 to Fritz!Box link-local address. If I change this to be the globally assigned address of the Fritz!Box I can no longer ping ipv6.google.com from the console.I can't get DHCPrelay working for my clients. I've enabled DHCPv6 on the Fritz!Box and enabled DHCPRelay client on the inside interface and defined the link-local address of the Fritz!Box on the outside interface as the DHCPv6 Server.interface Vlan1nameif insidesecurity-level 100ip address 192.168.1.252 255.255.255.0ipv6 address fc00::/64 eui-64ipv6 address fe80::1 link-local!interface Vlan2nameif outsidesecurity-level 0ip address dhcp setrouteipv6 address fe80::2 link-localipv6 address autoconfigipv6 nd suppress-ra!ipv6 route outside ::/0 fe80::2665:11ff:feec:d31b!access-list inside_access_in extended permit icmp6 any6 any6access-list inside_access_in extended permit ip any any!It appears mostly that I can't ping through the ASA. From the ASA I can ping IPv6 sites fine.Ideally I would have both Outside and Inside interfaces being autoconfigured via SLAAC from Snap!. Outside is autoconfiguring fine but Inside is not. Any help would be appreciated!
↧