Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
106
Views
0
Helpful
0
Comments

GA release of “support for IPv6 for AD Connectors in Secure Access"

gaushar7
Cisco Employee
Cisco Employee

on ‎07-29-2025 03:39 PM

We are excited to announce, “support for IPv6 for AD Connectors in Secure Access” , is Generally Available now.

Feature Overview

This feature update introduces IPv6 support in Secure Access for key operations involving AD Connector (ADC) and Domain Controller (DC). Previously limited to IPv4, this enhancement enables registration and communication over both IPv4 and IPv6 networks, providing greater flexibility for hybrid and IPv6-enabled environments. Key updates include support for IPv6 in ADC and DC registration, communication protocols, logon event handling, and synchronization of AD users and groups. This ensures seamless integration with both IPv4 and IPv6 infrastructure.

 

Note:

  • API Gateway service is limited to IPv4 networks only. Therefore, on pure IPv6 networks, the registration and synchronization processes for both the AD Connector and Domain Controller will fail. Full support for pure IPv6 networks is not yet available.
  • Enable Enhanced Auth registration and sync mechanism (as described on https://docs.sse.cisco.com/sse-user-guide/docs/configure-authentication-ad-connectors-and-vas) to use IPv6 related capabilities in ADC 1.15.0
  • An IPv6-only AD Connector (ADC) will not be able to communicate with an IPv4-only Virtual Appliance (VA) to send user-to-IP mappings. As a result, it is necessary to deploy dual-stack VAs to ensure seamless communication

 

Key Benefits

Currently, AD Connector (ADC) and Domain Controller (DC) can only be registered using IPv4 addresses. Additionally, communication between the AD Connector, Domain Controller, and Virtual Appliance (VA) is limited to IPv4 networks.

With this update, support for IPv6 will be introduced across the following stages of operation:

  1. AD Connector Registration:
  •          AD Connector can now be registered on the Secure Access dashboard using either IPv4 or IPv6 addresses.
  1. Domain Controller Registration:
  •          Domain Controllers can now be registered on the Secure Access dashboard using either IPv4 or IPv6 addresses.
  1. Enhanced Communication Protocols:
  •          Communication with Domain Controllers will now be supported over both IPv4 and IPv6 networks.
  1. Logon Event Handling:
  •          AD Connector will read logon events from Domain Controllers (using IPv4 or IPv6 addresses) and send them to the Virtual Appliance over IPv4 networks.
  1. User and Group Synchronization:
  •          AD Connector will fetch Active Directory (AD) users and groups from Domain Controllers using either IPv4 or IPv6 networks and send the data to the Secure Access dashboard over IPv4 or IPv6 networks. 

This feature enhancement ensures seamless integration and improved flexibility for environments transitioning to IPv6, while maintaining compatibility with existing IPv4 infrastructure.

 

Documentation and Resources

Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents