Apologies, double-up from Networking forum.
So i've spent at least 2 days trying to get IPv6 working correctly at home. I'm at a point where I can at least get ICMP replies back from ipv6.google.com on the console of the ASA but not from a client (Win8 or Win 2012).
I have no idea where i'm going wrong with this...
Topology is currently:
Internet -> Fritz!Box 7390 VDSL router (Snap!) -> ASA5505 -> Inside switch -> Client
- ASA is in routed firewall mode. IPv4 connectivity is working perfectly. Software version is 9.0(2)
- Outside interface (VLAN2) is being autoconfigured via SLAAC (not dhcpv6) - this is working
- Inside interface (VLAN1) I want to have autoconfigured, but this doesn't work for some reason. Perhaps I need to configure an ACL, I don't know what the ACL should be. Setting the IPv6 address manually is fine and I can ping it from a client and the client picks up an autoconfigured address in the same subnet.
- I've configured a default route for ::/0 to Fritz!Box link-local address. If I change this to be the globally assigned address of the Fritz!Box I can no longer ping ipv6.google.com from the console.
- I can't get DHCPrelay working for my clients. I've enabled DHCPv6 on the Fritz!Box and enabled DHCPRelay client on the inside interface and defined the link-local address of the Fritz!Box on the outside interface as the DHCPv6 Server.
ip address 192.168.1.252 255.255.255.0
ipv6 address fc00::/64 eui-64
ipv6 address fe80::1 link-local
ip address dhcp setroute
ipv6 address fe80::2 link-local
ipv6 address autoconfig
ipv6 nd suppress-ra
ipv6 route outside ::/0 fe80::2665:11ff:feec:d31b
access-list inside_access_in extended permit icmp6 any6 any6
access-list inside_access_in extended permit ip any any
It appears mostly that I can't ping through the ASA. From the ASA I can ping IPv6 sites fine.
Ideally I would have both Outside and Inside interfaces being autoconfigured via SLAAC from Snap!. Outside is autoconfiguring fine but Inside is not.
Any help would be appreciated!