I'm trying to configure IPv6 packet inspection on a 2911 router (IOS 15.1(2)T5) but I'm unable to inspect router-generated traffic. There isn't an option "ipv6 inspect name xxxx udp router-traffic" as in IPv4. Thus I'm unable to ping from the router to a remote host.
I could solve the ping problem by simply adding a "permit icmp any any echo-reply" on my ACL, but I'm still unable to access TCP or UDP-based services (DNS, HTTP...).
Does anyone know if is it possible to enable IPv6 router-generated traffic, or is there any other solution for this problem? If so, how can I do that?
ipv6 inspect name SPI_DIALER1_OUT tcp ipv6 inspect name SPI_DIALER1_OUT udp ipv6 inspect name SPI_DIALER1_OUT icmp ipv6 inspect name SPI_DIALER1_OUT ftp
interface Dialer1 ipv6 inspect SPI_DIALER1_OUT out ipv6 traffic-filter acl6_dialer1_in in
ipv6 access-list acl6_dialer1_in sequence 10 permit icmp any any nd-ns sequence 20 permit icmp any any nd-na sequence 30 permit icmp any any router-advertisement sequence 40 permit icmp any any echo-reply deny ipv6 any any log