ER707-M2 IPV6 NAT and address reservation
Hi team!!!
I have an ER707-M2 IPV6 that correctly receives a fixed IPv6 prefix from the ISP and I want to assign an IPv6 address to a server connected to one of the ports.
To assign the address I can enable the DHCPv6 service, however I don't see how to reserve the address then. So it happens that the address changes.
How can I fix this issue?
Then, once I assign an address to the device, I see that there are no traffic restrictions-I don't need to do NAT. Is this correct?
If yes how do I limit the traffic to only port 443?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Thanks for posting in our business forum.
v6 does not have a DHCP reservation yet.
There is no firewall for the v6 yet. If you need to limit the traffic, you may consider the ACL.
- Copy Link
- Report Inappropriate Content
@Clive_A Ok, now it is clear.
Actually I don't need the DHCPv6.
SLAAC can be used as well. Simply the device choose its own address based on its mac address and it is static.
But it seems this address can't be reached from the public network. Only local machine can access the device.
So, I suppose that I need to configure something... any suggestion?
- Copy Link
- Report Inappropriate Content
Thanks for posting in our business forum.
SDVConsulting wrote
@Clive_A Ok, now it is clear.
Actually I don't need the DHCPv6.
SLAAC can be used as well. Simply the device choose its own address based on its mac address and it is static.
But it seems this address can't be reached from the public network. Only local machine can access the device.
So, I suppose that I need to configure something... any suggestion?
Is it actually that you get a public v6 address?
What about the firewall settings on your local machine?
- Copy Link
- Report Inappropriate Content
@Clive_A
Yes, the ISP provide me a static prefix. So I can create as much subnet as I need and assing public address to my device.
As the IPv6 address are public, I hope there are no default limitation. In contrary, I wondering how to limit, but before to limit I want to see the device to be reacheable from the public network, so I did not configured any rule on the firewall right now.
Please let me know if I'm doing something wrong.
- Copy Link
- Report Inappropriate Content
@Clive_A
Anyway, I've added a access control rule but nothing happened:
Policy: Allow
Service Type: All
IP Type: IPv6
Direction: All
Source: IPV6GROUP_ANY
Destination: IPV6GROUP_ANY
Effectiv time: any
States: New, Established, Related
It should mean "no firewall" ...
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 107
Replies: 5
Voters 0
No one has voted for it yet.