- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
08-02-2022 06:30 PM
Dear all,
I am new about IPV6. I want to create policy for ipv6. I need to allow destination with public ipv6 address (Internet V6). How can I assign destination with ipv6 prefix for Internet ipv6?
Thank you for your answer.🙂
08-02-2022 07:27 PM
So in the example given you're just negating all RFC 1918 private address ranges. In IPv6 the private address ranges are fc00::/7 (RFC 4193) and fec0::/10 (RFC 3813). Something important to note here is that RFC 3879 deprecates RFC 3813 and the FEC0::/10 shouldn't actually be used anymore.
08-02-2022 06:38 PM
Can you describe what you're actually trying to do a bit more, because I'm honestly not sure what you're asking for? IPv6 doesn't really change how you build anything out from a firewall aspect once you get it enabled on the firewall; there's some features that just don't work at the moment (like Geolocation), but security policies and NAT work functionally the same as IPv4.
08-02-2022 06:48 PM
For example in ipv4, I want allow public ipv4 in destination address. I try to config 3 group private ip10.0.0.0 – 10.255.255.255, 172.16.0.0 – 172.31.255.255, 192.168.0.0 – 192.168.255.255 and negate it. but in ipv6 I'm not sure about how to config like ipv4.
Thank you.
08-02-2022 07:27 PM
So in the example given you're just negating all RFC 1918 private address ranges. In IPv6 the private address ranges are fc00::/7 (RFC 4193) and fec0::/10 (RFC 3813). Something important to note here is that RFC 3879 deprecates RFC 3813 and the FEC0::/10 shouldn't actually be used anymore.
08-02-2022 07:59 PM
Thank you for your solution.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!