Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4373
Views
5
Helpful
8
Replies

IPV6 support IOS

fb_webuser
Level 6
Level 6

‎03-18-2013 05:37 PM - edited ‎03-01-2019 05:39 PM

I have the ASA5580-20,ACE-4710 & IPS-4260 devices now we are planning to implement IPV6.

Below IOS we have in my devices -

Asa831-smp-k8.bin

Ips-k9-7.0-2-e4

C4710ace-mz.a4-2-0.bin

Please which version IOS will support for the above devices.

---

Posted by WebUser Daniella Barkhova from Cisco Support Community App

Labels:
0 Helpful
8 Replies 8

jsmall123
Level 1
Level 1

‎03-19-2013 04:40 PM

The only problematic one is for ACE.  For that you need at least A5_1_0 to have IPv6 support, but I would go with the latest A5.2.2 or A5.2.1.

For the ASA I would strongly recommend 9.0.2 or 9.1.1.4.  9.0 added tremendous IPv6 capabilities including NAT66, NAT64/46, and IPv4/IPv6 are now managed with a unified policy which makes things easier.  AnyConnect also has full IPv6 support.  However, if you can't upgrade 8.3 has some support.

For the IPS I would go with the latest even though it doesn't really give you additional IPv6 capabilities - 7.1.7E4.  As with the ASA, 7.0.2 supports IPv6 but it's old and has lots of issues.

Julio Carvajal
VIP Alumni
VIP Alumni

‎03-19-2013 10:57 PM

Hello,

I agree with jsmall123 ( 5 stars for that answer )

Go to 9.0(1) or later as you will get:

-OSPFv3 support

-DNS IPv6 inspection

-SSL/IKEv2 support to the outside interface

-NAT setup

-Merged ACL setup for both IPv4 and IPv6

etc

I would not recommend the 8.3 track, it's really buggy.. Try 8.4 or later

IPS sensor support IPv6 since 6.2 but go to the latest to get the new features ( not related to IPv6) and to fix as many bugs as possible

Regards,

Julio Carvajal

Advanced Security Trainer

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

James Leinweber
Level 4
Level 4
In response to Julio Carvajal

‎03-21-2013 07:56 AM

While entirely endorsing the jsmall123 / jcarvaja preference for ASA 9.0(2), which fixes scores of 9.0(1) caveats, beware of the new-with-9 and as yet unfixed CSCue87407 DNS inspection bug which drops too many PTR queries, as uncovered and discussed in this thread:

https://supportforums.cisco.com/message/3867771

We probably have to turn off v9 ASA DNS inspection for a while.

-- Jim Leinweber

0 Helpful

fb_webuser
Level 6
Level 6

‎03-20-2013 11:22 AM

This thread may have some answers as well.

https://supportforums.cisco.com/message/3793802#3793802

---

Posted by WebUser Anamika Tiwari from Cisco Support Community App

0 Helpful

Julio Carvajal
VIP Alumni
VIP Alumni
In response to fb_webuser

‎03-20-2013 11:40 PM

Hello,

Great,

Something else that we can do for you... or can you mark the question as answered?

Regards

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

fb_webuser
Level 6
Level 6

‎04-17-2013 03:52 PM

This thread may have some answers as well.

https://supportforums.cisco.com/message/3793802#3793802

---

Posted by WebUser Cisco NetPro from Cisco Support Community App

0 Helpful

fb_webuser
Level 6
Level 6

‎06-06-2013 12:01 PM

hellow

---

Posted by WebUser Janet Doe from Cisco Support Community App

0 Helpful

fb_webuser
Level 6
Level 6

‎06-19-2013 12:00 PM

This thread may have some answers as well.

https://supportforums.cisco.com/message/3793802#3793802

---

Posted by WebUser Janet Doe from Cisco Support Community App

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents