Hello,

ok, I was just wondering if the router edited that pd name or if it was actually configured. Never mind.

I have put out a couple of posts on other forums, hopefully I'll get an answer...

oh ok, yeah I just put that in as a description.

Thank you for all your help. I did some google searches yesterday and found how a few people using comcast set it up and didn't have any luck on that working either.

I will give this a try and let you know how it works.

Thank you!

I got the config fixed and still no IPv6 address on LAN side. Maybe it takes a bit to grab one? No errors on dhcp logging either.

Here is the config. I'll report back after lunch and see if maybe by then if it grabbed an IP

UPDATE: still no lan ipv6 address

*Nov 21 19:28:19.231: IPv6 DHCP: Received INFORMATION-REQUEST from FE80::A64C:11FF:FE84:72A9 on GigabitEthernet0/1.1
*Nov 21 19:28:19.231: IPv6 DHCP: Received SOLICIT from FE80::A64C:11FF:FE84:72A9 on GigabitEthernet0/1.1
*Nov 21 19:28:19.231: IPv6 DHCP: Using interface pool Cox
*Nov 21 19:28:19.231: IPv6 DHCP: Source Address from SAS FE80::21B:D4FF:FEEE:A601

*Nov 21 19:28:19.231: IPv6 DHCP: Sending REPLY to FE80::A64C:11FF:FE84:72A9 on GigabitEthernet0/1.1
*Nov 21 19:28:19.231: IPv6 DHCP: Using interface pool Cox
*Nov 21 19:28:19.231: IPv6 DHCP: Creating binding for FE80::A64C:11FF:FE84:72A9 in pool Cox
*Nov 21 19:28:19.231: IPv6 DHCP: Binding for IA_NA 00090001 not found
*Nov 21 19:28:19.231: IPv6 DHCP: Allocating IA_NA 00090001 in binding for FE80::A64C:11FF:FE84:72A9
*Nov 21 19:28:19.231: IPv6 DHCP: Freeing IA_NA 00090001 from binding for FE80::A64C:11FF:FE84:72A9
*Nov 21 19:28:19.231: IPv6 DHCP: Freeing binding for FE80::A64C:11FF:FE84:72A9 from pool Cox
*Nov 21 19:28:19.231: IPv6 DHCP: Source Address from SAS FE80::21B:D4FF:FEEE:A601

*Nov 21 19:28:19.231: IPv6 DH

UPDATE 2: After rebooting the router I now get an IPv6 address on the Lan and my desktop pc gets one as well....however I now do not have an IPv6 address on my WAN for some reason. I can also not ping out using IPv6 from desktop or router.

with this error *Nov 21 20:42:47.439: %IPV6_ND-4-DUPLICATE: Duplicate address 2600:8803:7F11:500:****:****:****:**** on GigabitEthernet0/0

.



! Last configuration change at 17:50:35 UTC Mon Nov 21 2016 by admin
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Router2821
!
boot-start-marker
boot system flash c2800nm-adventerprisek9-mz.151-4.M10.bin
boot-end-marker
!
!
!
aaa new-model
!
!
!
!
!
!
!
aaa session-id common
!
!
dot11 syslog
ip source-route
!
!
ip cef
!
!
!
ip domain name Home
ip name-server 8.8.8.8
ip name-server 8.8.4.4
ipv6 unicast-routing
ipv6 cef
ipv6 cef accounting per-prefix
ipv6 dhcp pool Cox
prefix-delegation pool Cox-ipv6
dns-server 2001:4860:4860::8888
dns-server 2001:4860:4860::8844
!
ipv6 inspect name traffic ftp
ipv6 inspect name traffic udp
ipv6 inspect name traffic icmp
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
voice-card 0
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-1
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1
revocation-check none
rsakeypair TP-self-signed
!
crypto pki certificate chain TP-self-signed-1

quit
!
!
license udi pid CISCO2821 sn 
username admin privilege 15 password 7 
!
redundancy
!
!
ip ssh time-out 70
ip ssh authentication-retries 2
ip ssh version 2
!
class-map type inspect match-any All_Protocols
match protocol tcp
match protocol udp
match protocol icmp
!
!
policy-map type inspect Trusted_to_Internet
class type inspect All_Protocols
inspect
class class-default
drop
!
zone security Trusted
zone security Internet
zone-pair security Trusted->Internet source Trusted destination Internet
service-policy type inspect Trusted_to_Internet
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
description WAN
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
ipv6 address dhcp
ipv6 address autoconfig default
ipv6 enable
ipv6 nd autoconfig default-route
ipv6 verify unicast reverse-path
ipv6 dhcp client pd hint ::/60
ipv6 dhcp client pd Cox-ipv6
ipv6 inspect traffic out
ipv6 traffic-filter wan-in in
ipv6 traffic-filter wan-out out
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/1.1
description LAN
encapsulation dot1Q 1 native
ip address 10.10.1.253 255.255.255.0
ip nat inside
ip virtual-reassembly in
ipv6 address Cox-ipv6 ::/64 eui-64
ipv6 address autoconfig
ipv6 enable
ipv6 nd other-config-flag
ipv6 dhcp server Cox
!
interface GigabitEthernet0/1.2
description Wireless
encapsulation dot1Q 2
ip address 192.168.2.254 255.255.255.0
ip access-group wifi_block in
ip access-group wifi_block out
ip nat inside
ip virtual-reassembly in
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
!
ip dns server
ip nat inside source list NAT interface GigabitEthernet0/0 overload
ip nat inside source static udp 10.10.1.249 1194 interface GigabitEthernet0/0 1194
ip nat inside source static udp 10.10.1.249 1195 interface GigabitEthernet0/0 1195
ip nat inside source static tcp 10.10.1.249 443 interface GigabitEthernet0/0 443
ip nat inside source static tcp 10.10.1.249 22 interface GigabitEthernet0/0 1022
ip nat inside source static tcp 192.168.2.7 80 interface GigabitEthernet0/0 1080
ip nat inside source static tcp 192.168.2.8 80 interface GigabitEthernet0/0 1081
ip nat inside source static tcp 10.10.1.247 42365 interface GigabitEthernet0/0 42365
ip nat inside source static tcp 10.10.1.247 5500 interface GigabitEthernet0/0 5500
ip nat inside source static tcp 10.10.1.247 5501 interface GigabitEthernet0/0 5501
ip route 10.28.0.0 255.255.255.0 10.10.1.249
ip route 10.29.0.0 255.255.255.0 10.10.1.249
ip route 10.30.0.0 255.255.255.0 10.10.1.249
!
ip access-list extended NAT
deny ip 10.10.1.0 0.0.0.255 192.168.2.0 0.0.0.255
deny ip 192.168.2.0 0.0.0.255 10.10.1.0 0.0.0.255
permit ip any any
ip access-list extended wifi_block
deny ip 192.168.2.0 0.0.0.255 10.10.1.0 0.0.0.255
deny ip 10.10.1.0 0.0.0.255 192.168.2.0 0.0.0.255
permit ip any any
!
ip sla 1
http get http://f
ip sla schedule 1 life forever start-time now
access-list 122 deny tcp any eq 22 any
access-list 122 permit tcp 10.0.0.0 0.255.255.255 any
!
!
!
!
snmp-server community fast_RO
snmp-server host 10.10.1.249 version 2c fast
!
!
!
!
ipv6 access-list wan-in
permit icmp any any
permit udp any any eq 546
permit tcp any any established
sequence 100 deny ipv6 any any
!
ipv6 access-list wan-out
permit icmp any any
permit tcp any any
permit udp any any
sequence 100 deny ipv6 any any

It works now, I don't know what happened but a few hours later the WAN pulled an IP.

Thank you so much for your help!

Good stuff ! Can you do me a favor and post the output of:

show ipv6 interfaces

I'll keep that as a reference...

Router2821#show ipv6 interface
GigabitEthernet0/0 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::21B:D4FF:FEEE:A600
No Virtual link-local address(es):
Description: WAN
Stateless address autoconfig enabled
Global unicast address(es):
2600:8803:7F11:500:*****:9217:42AB:B397, subnet is 2600:8803:7F11:500:*****:9217:42AB:B397/128
Joined group address(es):
FF02::1
FF02::2
FF02::1:FFAB:B397
FF02::1:FFEE:A600
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ICMP unreachables are sent
Input features: Common pak subblock Access List Verify Unicast Reverse-Path
Output features: Access List Firewall Inspection
Inbound access list wan-in
IPv6 verify source reachable-via rx, allow default
0 verification drop(s) (process), 0 (CEF)
0 suppressed verification drop(s) (process), 0 (CEF)
Outgoing access list wan-out
Outbound Inspection Rule traffic
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds (using 30000)
ND advertised reachable time is 0 (unspecified)
ND advertised retransmit interval is 0 (unspecified)
ND router advertisements are sent every 200 seconds
ND router advertisements live for 1800 seconds
ND advertised default router preference is Medium
Hosts use stateless autoconfig for addresses.
GigabitEthernet0/1.1 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::21B:D4FF:FEEE:A601
No Virtual link-local address(es):
Description: LAN
Stateless address autoconfig enabled
General-prefix in use for addressing
Global unicast address(es):
2600:8803:7A80:*****:21B:D4FF:FEEE:A601, subnet is 2600:8803:7A80:****::/64 [EUI/CAL/PRE]
valid lifetime 67032 preferred lifetime 67032
Joined group address(es):
FF02::1
FF02::2
FF02::1:2
FF02::1:FFEE:A601
FF05::1:3
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ICMP unreachables are sent
Input features: Common pak subblock
Output features: Firewall Inspection
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds (using 30000)
ND advertised reachable time is 0 (unspecified)
ND advertised retransmit interval is 0 (unspecified)
ND router advertisements are sent every 200 seconds
ND router advertisements live for 1800 seconds
ND advertised default router preference is Medium
Hosts use stateless autoconfig for addresses.
Hosts use DHCP to obtain other configuration.
Router2821#

Hello,

I am wondering: on your GigabitEthernet0/0, you have this:

ipv6 dhcp client pd prefix-from-Cox

Did you edit that pd, or is that what is actually configured ?

On the LAN side (GigabitEthernet0/1.1) the pd should match:

ipv6 address dhcp
ipv6 enable
ipv6 nd reachable-time 3600000
ipv6 nd ra suppress all
ipv6 dhcp client pd prefix-from-Cox