我看到许多关于Cisco ASA(在本例中为5505)是否可以通过PPPoE连接使用IPv6的相互冲突的信息。

我看到了正式的Cisco文档,使它看起来很容易,但我看到了很多的论坛帖子中指出它无法正常工作。

这可能吗?


我们的提供者是Internode;并且提供了在800系列路由器上启用的本指南。我们ASA的/56的开头是:

Cisco Adaptive Security Appliance Software Version 9.1(1)
Device Manager Version 7.1(2)102

Hardware:   ASA5505, 512 MB RAM, CPU Geode 500 MHz,
Internal ATA Compact Flash, 128MB
BIOS Flash M50FW016 @ 0xfff00000, 2048KB

Encryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)
                             Boot microcode        : CN1000-MC-BOOT-2.00
                             SSL/IKE microcode     : CNLite-MC-SSLm-PLUS-2.03
                             IPSec microcode       : CNlite-MC-IPSECm-MAIN-2.08
                             Number of accelerators: 1


关于我尝试过的内容:我尝试为连接启用自动配置,我添加了PD进入ASA,但是由于实际的PPPoE链路需要动态IP,因此无法设置静态IP。无论如何,我还是尝试过(通过使用sh ver,它似乎是Internode的一种常见配置),但是从内存中,ASA不会让我仅将路由分配给接口,它只需要下一跳,而我没有


edge(config-if)# show running-config interface vlan2
!
interface Vlan2
 nameif outside
 security-level 0
 pppoe client vpdn group Internode
 ip address pppoe setroute
 ipv6 address autoconfig
 ipv6 enable
 ipv6 nd prefix 2001:44b8:310c:9f00::/56 infinite infinite
 ipv6 nd managed-config-flag
 ipv6 nd other-config-flag

vpn(config-if)# show ip
System IP Addresses:
Interface                Name                   IP address      Subnet mask     Method
Vlan1                    inside                 192.168.161.17  255.255.255.0   CONFIG
Vlan2                    outside                59.167.172.177  255.255.255.255 manual
Vlan3                    dmz                    unassigned      unassigned      DHCP
Vlan5                    Guest                  192.168.64.17   255.255.255.0   manual
Current IP Addresses:
Interface                Name                   IP address      Subnet mask     Method
Vlan1                    inside                 192.168.161.17  255.255.255.0   CONFIG
Vlan2                    outside                59.167.172.177  255.255.255.255 manual
Vlan3                    dmz                    unassigned      unassigned      DHCP
Vlan5                    Guest                  192.168.64.17   255.255.255.0   manual


vpn(config-if)# show ipv6 interface outside
outside is up, line protocol is up
  IPv6 is enabled, link-local address is fe80::462b:3ff:fe7a:d5
  No global unicast address is configured
  Joined group address(es):
    ff02::1:ff00:1
    ff02::1:ff7a:d5
    ff02::2
    ff02::1
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds
  ND advertised reachable time is 0 milliseconds
  ND advertised retransmit interval is 1000 milliseconds
  ND router advertisements are sent every 200 seconds
  ND router advertisements live for 1800 seconds
  Hosts use DHCP to obtain routable addresses.
  Hosts use DHCP to obtain other configuration.


#1 楼

根据Ricky Beam的建议,我针对此问题打开了一个Cisco TAC案例,只是为了了解正式用词是什么:


嗨,马克,

谢谢。目前,ASA没有本地IPv6 PPPOE
支持。我没有在任何未来的路线图中看到它。您可能要
与您当地的cisco团队联系,以查看他们是否可以通过
为您提出业务案例来提交请求。


(重点是我的) 。因此,没有,无法使用PPPoE连接在ASA上进行IPv6,而且看起来很快也不会出现。我猜他们希望您将适当的路由器放在ASA的前面。