08-29-2019 06:56 AM
Are there any updates as to if/when PAN will support DHCPv6 Client and IPv6 Prefix Delegation? This is preventing a purchase for me. Without the ability to receive an IPv6 address and prefix delegation dynamically on the WAN interface, this is a show stopper.
08-29-2019 01:38 PM
Good Afternoon
I am not 100% sure, but can you take a look at this article and see if it describes what you are looking for?
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClKlCAK
08-29-2019 01:55 PM - edited 08-29-2019 01:56 PM
It does not, but thanks for the attempt. The M and O flags provide a way for you to configure how you are going to assign IPv6 addresses to other devices on the network, either via SLAAC or DHCP. You still have to manually assign a static IP to the interface (referenced by looking at the screen shot in the article).
We need to be able to obtain an IPv6 address on the interface dynamically via DHCP. And then more importantly be able to support prefix delegation. With prefix delagation, the provider hands you a delgated prefix over DHCP as well. The firewall needs to be able to receive that and know what to do with it.
With other solutions that support it, there are usually options on the interface configuration that allow you to send an IPv6 prefix hint to indicate the desired prefix size for delegation. That is typically done on the external or WAN interface. Then there are typically options on the interface settings that you would set on your LAN interfaces to tell them to "track" the WAN interface to get their IPv6 addresses / delegated prefixes.
Without support of these two options, PAN is basically incapable of routing IPv6 to/from the internet.
01-08-2020 12:46 PM
Had a chat with my SE. It seems that DHCPv6-PD didn't show up in his searching of feature requests. If you need this feature, you should contact your SE and reference the following feature request ID.
FR ID: 13342
04-15-2021 09:26 AM
Lack of IPv6 DHCP-PD makes these, specially for GlobalProtect, not usable in Amazon AWS. If you have a GP setup in Amazon, it's not possible to run dual stack, and IPv6 traffic just bypasses the GP tunnel.
11-20-2022 05:45 AM
I know this an old thread, but in case you didn't see this, they finally added this feature! I upgraded a couple of days ago and have been running ipv6 ever since.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
