https://live.paloaltonetworks.com/t5/general-topics/deep-packet-inspection-of-ipv6-traffic/m-p/28195#M20588 <HTML><HEAD></HEAD><BODY><P>What encryption is happening for the IPV6 traffic?&nbsp; </P></BODY></HTML> Thu, 02 Jun 2011 18:52:35 GMT mrajdev 2011-06-02T18:52:35Z https://live.paloaltonetworks.com/t5/general-topics/deep-packet-inspection-of-ipv6-traffic/m-p/28194#M20587 <HTML><HEAD></HEAD><BODY><P>How can we have deep packet inspection of IPv6 traffic, if the traffic (by default) is encrypted? </P></BODY></HTML> Thu, 02 Jun 2011 13:03:42 GMT https://live.paloaltonetworks.com/t5/general-topics/deep-packet-inspection-of-ipv6-traffic/m-p/28194#M20587 FirstSolar 2011-06-02T13:03:42Z https://live.paloaltonetworks.com/t5/general-topics/deep-packet-inspection-of-ipv6-traffic/m-p/28195#M20588 <HTML><HEAD></HEAD><BODY><P>What encryption is happening for the IPV6 traffic?&nbsp; </P></BODY></HTML> Thu, 02 Jun 2011 18:52:35 GMT https://live.paloaltonetworks.com/t5/general-topics/deep-packet-inspection-of-ipv6-traffic/m-p/28195#M20588 mrajdev 2011-06-02T18:52:35Z https://live.paloaltonetworks.com/t5/general-topics/deep-packet-inspection-of-ipv6-traffic/m-p/28196#M20589 <HTML><HEAD></HEAD><BODY><P>Hi FirstSolar,</P><P></P><P>IPv6 traffic is not encrypted by default.&nbsp; In normal circumstances, IPv6 traffic is passed in plaintext (just like IP version 4).&nbsp; PAN-OS does support SSL decryption on IPv6 sessions if that is a concern.&nbsp; </P><P></P><P>We do not currently terminate IPv6 tunnels so that type of traffic would have to be decrypted prior to entering the firewall or else it could not be inspected.</P><P></P><P>Hope this helps,</P><P>Nick Campagna</P></BODY></HTML> Fri, 03 Jun 2011 20:58:24 GMT https://live.paloaltonetworks.com/t5/general-topics/deep-packet-inspection-of-ipv6-traffic/m-p/28196#M20589 ncampagna 2011-06-03T20:58:24Z