IPv6 Traffic at wireless clients with role denying traffic

  • 1
  • 1
  • Question
  • Updated 2 years ago
  • Answered
We have a VNS with 802.1x auth with role that deny ipv6 traffic.
We are configured this rules:

InOutEthTypeMACIP : PortProtocolPriorityToS/DSCPAccess
destnone0x0800Any0.0.0.0/058AnyN/ADeny
destnone0x0800Any0.0.0.0/041AnyN/ADeny
destnone0x0800Any0.0.0.0/0AnyAnyN/AAllow


Ehter Proto 41 deny ipv6 traffic.
We are capturing eth0 traffic remotely from the ap and we can see clients in this topology sending ipv6 traffic.

We are doing something wrong?
Thanks in advance
Photo of FES

FES

  • 1,360 Points 1k badge 2x thumb

Posted 2 years ago

  • 1
  • 1
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 45,100 Points 20k badge 2x thumb
Could you please post a screenshot of the "VLAN & Class of Service" & "Policy Rules" GUI page of this role - the string of text is hard to decipher and I'm also interested in the other settings on this page.

What type of topology is used?

-Ron
Photo of FES

FES

  • 1,360 Points 1k badge 2x thumb
Here is,
the topology is bridge@AP


Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 45,100 Points 20k badge 2x thumb
Thanks, could you please also attach a screenshot of the "VLAN & Class of Service" tab of this role.
What is the AP model in use.
Photo of FES

FES

  • 1,360 Points 1k badge 2x thumb
Here is,
topology bridge@apwith vlan tagged 38


Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 45,100 Points 20k badge 2x thumb
I've never tried to filter IPv6 but could you try this filter instead of the one that you are using.....

Photo of FES

FES

  • 1,360 Points 1k badge 2x thumb
Thanks Ronald, 
Im going to ask our support why this two rules instead this one.