This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Enabling IPv6 on untrusted Ethernet1/1 interface brings down IPv4

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Enabling IPv6 on untrusted Ethernet1/1 interface brings down IPv4

bryanscott
L0 Member

‎12-05-2020 09:37 AM

I tried working with Palo Alto support but there hours don't match with my schedule. 

 

I decided to start using IPv6 on my local LAN and WAN. 

 

I setup a DHCP server using MS Server and created a scope. Devices on the network are getting two IPv6 address. 

 

I configured the IPv6 on PA-220 and hit the enable button and committed and immediately lost the IPv4 network from Xfinity. I currently get my IPv4 via DHCP.

 

After about a week of this I contacted support and open up a case via the Palo Alto web portal. They couldn't answer the basic question, why enabling IPv6 would bring down IPv4. Even if I don't have anything configured it brings down the IPv4. Just enabling it brings down the interface. I know I'm getting IPv6 from Xfinity. I did a packet capture. 

 

bryanscott_0-1607189276233.png

 

 

During this time, I configured a Cisco RV340 and have no issues with both IPv4 and IPv6 working on the untrusted interface. I could continue to use the Cisco RV340 but it's not a NGF. 

 

If needed I could provide configurations, but seeing I can get it  to work on a Cisco small business router I wonder what is going on. I was on version 10.x software. I downgraded to 9.1.x just to see if it was a problem with the code. No change. 

 

I contacted Xfinity and they say both can work at the same time. They also provided the Prefix to use. It's in the screenshot. 

 

 

2 REPLIES 2

erikda
L2 Linker

‎12-07-2020 03:20 AM

Can't explain why IPv4 goes down, but be aware that Palo does not support DHCPv6 prefix delegation, which is kinda mind blowing.
Been requested for a long time, but seems like IPv6 doesn't get any attention.

0 Likes Likes

Bryans1367
L0 Member
In response to erikda

‎12-07-2020 02:43 PM

I replaced the Netgear CM1100 modem with a Arris T25 modem and the modem does not reboot after I enable IPv6. 

 

I found a post on Netgear's support website that others are having the same problem with different firewalls.

 

0 Likes Likes
  • 2525 Views
  • 2 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks