[c-nsp] PIX ipv6 neighbour problem
Peter Rathlev
peter at rathlev.dk
Tue Oct 19 11:58:15 EDT 2010
On Tue, 2010-10-19 at 16:02 +0200, Andreas Mueller wrote:
> interface GigabitEthernet1
> nameif inside
> security-level 100
> ip address 192.168.1.232 255.255.255.0
> ipv6 address XXXX:YYYY:ZZZZ:1::e8/64
> ipv6 nd prefix XXXX:YYYY:ZZZZ:1::/64 no-advertise no-autoconfig
>
[...]
> when I tried to ping the IP (XXXX:YYYY:ZZZZ:1::e8) of the PIX on the
> inside interface from a linux box I get no responses.
> When I look at the output of the command "show ipv6 neighbours", started
> multiple times during the pings I get the following outputs:
>
> pix515e/s6ipv6# show ipv6 neigh
> IPv6 Address Age Link-layer Addr State
> Interface
> fe80::20a:b8ff:fefb:6d43 518 000a.b8fb.6d43 STALE inside
> fe80::221:85ff:feca:6146 - 0021.85ca.6146 REACH inside
Can you ping fe80::221:85ff:feca:6146 from you client? What does "ip -6
neighbor list" on the client say? What addresses does the client, both
link-local and in your configured prefix?
--
Peter
More information about the cisco-nsp
mailing list