maybe helpful?=

 9 12:26:43.335: IPv6 DHCP: Sending SOLICIT to FF02::1:2 on Dialer0
*Oct  9 12:26:43.359: IPv6 DHCP: Received ADVERTISE from FE80::12F3:11FF:FEA3:1F00 on Dialer0
*Oct  9 12:26:43.359: IPv6 DHCP: Removing server FE80::12F3:11FF:FEA3:1F00 that advertised no addresses
*Oct  9 12:26:44.447: IPv6 DHCP: Sending SOLICIT to FF02::1:2 on Dialer0
*Oct  9 12:26:44.471: IPv6 DHCP: Received ADVERTISE from FE80::12F3:11FF:FEA3:1F00 on Dialer0
*Oct  9 12:26:44.471: IPv6 DHCP: Removing server FE80::12F3:11FF:FEA3:1F00 that advertised no addresses
*Oct  9 12:26:44.471: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 12:26:44.471: IPv6 DHCP: DHCPv6 address changes state from SOLICIT to REQUEST (ADDR_ADVERTISE_RECEIVED) on Dialer0
*Oct  9 12:26:45.559: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 12:26:46.511: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 12:26:48.439: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 12:26:52.307: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 12:27:00.527: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 12:27:16.463: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 14:27:28: %SEC-6-IPACCESSLOGP: list 111 denied udp 89.163.144.212(5104) -> 93.104.115.32(5060), 1 packet  
*Oct  9 12:27:48.651: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 12:28:17.839: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 14:28:25: %SEC-6-IPACCESSLOGP: list 111 denied tcp 171.98.85.50(28364) -> 93.104.115.32(23), 1 packet  
*Oct  9 12:28:45.771: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 12:29:16.635: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 14:29:23: %SEC-6-IPACCESSLOGP: list 111 denied tcp 77.247.178.145(23) -> 93.104.115.32(57395), 1 packet  
*Oct  9 12:29:45.527: IPv6 DHCP: Reached max retransimission count 10
*Oct  9 12:29:45.527: IPv6 DHCP: DHCPv6 address changes state from REQUEST to IDLE (ADDR_SHUTDOWN) on Dialer0
*Oct  9 12:29:45.527: IPv6 DHCP: DHCPv6 address changes state from IDLE to SOLICIT (ADDR_START) on Dialer0
*Oct  9 12:29:45.527: IPv6 DHCP: DHCPv6 address changes state from REQUEST to SOLICIT (ADDR_TIMEOUT) on Dialer0
*Oct  9 12:29:46.587: IPv6 DHCP: Sending SOLICIT to FF02::1:2 on Dialer0
*Oct  9 12:29:46.611: IPv6 DHCP: Received ADVERTISE from FE80::12F3:11FF:FEA3:1F00 on Dialer0
*Oct  9 12:29:46.611: IPv6 DHCP: Removing server FE80::12F3:11FF:FEA3:1F00 that advertised no addresses
*Oct  9 12:29:47.707: IPv6 DHCP: Sending SOLICIT to FF02::1:2 on Dialer0
*Oct  9 12:29:47.731: IPv6 DHCP: Received ADVERTISE from FE80::12F3:11FF:FEA3:1F00 on Dialer0
*Oct  9 12:29:47.731: IPv6 DHCP: Removing server FE80::12F3:11FF:FEA3:1F00 that advertised no addresses
*Oct  9 12:29:47.731: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 12:29:47.731: IPv6 DHCP: DHCPv6 address changes state from SOLICIT to REQUEST (ADDR_ADVERTISE_RECEIVED) on Dialer0
*Oct  9 12:29:48.719: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 12:29:49.731: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 12:29:51.771: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 14:29:54: %SEC-6-IPACCESSLOGP: list 111 denied tcp 120.37.138.178(49250) -> 93.104.115.32(23), 1 packet  
*Oct  9 14:29:54: %SEC-6-IPACCESSLOGP: list 111 denied tcp 175.213.213.12(4282) -> 93.104.115.32(23), 2 packets  
*Oct  9 14:29:55: %SEC-6-IPACCESSLOGP: list 111 denied tcp 66.240.219.146(58022) -> 93.104.115.32(7777), 1 packet  
*Oct  9 12:29:55.935: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 12:30:04.095: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 12:30:19.907: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 14:30:32: %SEC-6-IPACCESSLOGP: list 111 denied tcp 187.35.101.245(60168) -> 93.104.115.32(23), 1 packet  
*Oct  9 12:30:47.391: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 12:31:15.359: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 12:31:45.619: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 12:32:13.987: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0

2:32:41.147: IPv6 DHCP: DHCPv6 address changes state from REQUEST to IDLE (ADDR_SHUTDOWN) on Dialer0
*Oct  9 12:32:41.147: IPv6 DHCP: DHCPv6 address changes state from IDLE to SOLICIT (ADDR_START) on Dialer0
*Oct  9 12:32:41.147: IPv6 DHCP: DHCPv6 address changes state from REQUEST to SOLICIT (ADDR_TIMEOUT) on Dialer0
*Oct  9 12:32:42.155: IPv6 DHCP: Sending SOLICIT to FF02::1:2 on Dialer0
*Oct  9 12:32:42.179: IPv6 DHCP: Received ADVERTISE from FE80::12F3:11FF:FEA3:1F00 on Dialer0
*Oct  9 12:32:42.179: IPv6 DHCP: Removing server FE80::12F3:11FF:FEA3:1F00 that advertised no addresses
*Oct  9 12:32:43.163: IPv6 DHCP: Sending SOLICIT to FF02::1:2 on Dialer0
*Oct  9 12:32:43.187: IPv6 DHCP: Received ADVERTISE from FE80::12F3:11FF:FEA3:1F00 on Dialer0
*Oct  9 12:32:43.187: IPv6 DHCP: Removing server FE80::12F3:11FF:FEA3:1F00 that advertised no addresses
*Oct  9 12:32:43.187: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 12:32:43.187: IPv6 DHCP: DHCPv6 address changes state from SOLICIT to REQUEST (ADDR_ADVERTISE_RECEIVED) on Dialer0
*Oct  9 14:32:43: %SEC-6-IPACCESSLOGP: list 111 denied tcp 194.135.108.30(50259) -> 93.104.115.32(23), 1 packet  
*Oct  9 12:32:44.147: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 12:32:45.103: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0
*Oct  9 12:32:47.019: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer0



i also changed in  Dialer0 ipv6 address dhcp durch ipv6 address NODE-PD ::FF:0:0:0:1/128, to get a ipv6 adress.....

maybe interesent?

ping test from client sucess, but open a website in ipv6 wont work

user4754s-iMac:~ user4754$ ping6 www.heise.de
PING6(56=40+8+8 bytes) 2001:a61:20b2:bf00:c135:34cd:a118:d515 --> 2a02:2e0:3fe:1001:7777:772e:2:85
16 bytes from 2a02:2e0:3fe:1001:7777:772e:2:85, icmp_seq=0 hlim=58 time=32.331 ms
16 bytes from 2a02:2e0:3fe:1001:7777:772e:2:85, icmp_seq=1 hlim=58 time=32.322 ms
16 bytes from 2a02:2e0:3fe:1001:7777:772e:2:85, icmp_seq=2 hlim=58 time=32.493 ms
16 bytes from 2a02:2e0:3fe:1001:7777:772e:2:85, icmp_seq=3 hlim=58 time=32.326 ms
16 bytes from 2a02:2e0:3fe:1001:7777:772e:2:85, icmp_seq=4 hlim=58 time=32.782 ms

Hello,

can you try and add:

dialer-list 1 protocol ipv6 permit

to your configuration ?

And temporarily disable 'dialer-list 1 protocol ip list 101 ?

Hi,

i already tried this , but nothing!

I have a feeling we are just missing a small detail...

Under the Dialer 0 configuration, can you try again and add the rapid-commit option:

ipv6 dhcp client pd NODE-PD rapid-commit

in the Dialer0: theres ipv6 address dhcp and ipv6 adress autoconfig default

ipv6 dhcp client pd NODE-PD rapid-commit

##########

LOG Shows: *Oct 9 16:16:07: %IPV6_ACL-6-ACCESSLOGP: list WAN_OUTSIDE_INv6/100 denied udp 2001:A60::53:2(53) (Dialer0) -> 2001:A61:3113:BE00::1(53546), 1 packet *Oct 9 16:16:07: %IPV6_ACL-6-ACCESSLOGP: list WAN_OUTSIDE_INv6/100 denied udp 2001:A60::53:2(53) (Dialer0) -> 2001:A61:3113:BE00::1(60449), 1 packet *Oct 9 16:16:08: %IPV6_ACL-6-ACCESSLOGP: list WAN_OUTSIDE_INv6/100 denied udp 2001:A60::53:2(53) (Dialer0) -> 2001:A61:3113:BE00::1(61881), 1 packet *Oct 9 16:16:08: %IPV6_ACL-6-ACCESSLOGP: list WAN_OUTSIDE_INv6/100 denied udp 2001:A60::53:2(53) (Dialer0) -> 2001:A61:3113:BE00::1(58848), 1 packet

#########

i also get no ip address for the dialer0

for your better understanding now:

this is my actual config :

Cisco1921#show running-config
Building configuration...

Current configuration : 7390 bytes
!
version 15.5
service timestamps debug datetime msec
service timestamps log datetime localtime
service password-encryption
!
hostname Cisco1921
!
boot-start-marker
boot-end-marker
!
!
security authentication failure rate 3 log
security passwords min-length 10
enable secret XXXX
!
no aaa new-model
ethernet lmi ce
clock timezone CET 1 0
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
!
!
!
!
!
!
!
!
!
ip dhcp binding cleanup interval 600
ip dhcp excluded-address 192.168.50.170 192.168.50.254
ip dhcp excluded-address 192.168.50.1 192.168.50.153
!
ip dhcp pool Internal Network
 network 192.168.50.0 255.255.255.0
 domain-name soho.intern
 default-router 192.168.50.2
 dns-server 192.168.50.2
!         
!         
!         
ip domain name soho.intern
ip name-server 212.18.0.5
ip name-server 212.18.3.5
ip name-server 2001:A60::53:1
ip name-server 2001:A60::53:2
ip inspect name Firewall udp
ip inspect name Firewall sip
ip inspect name Firewall rtsp
ip inspect name Firewall ftp
ip inspect name Firewall icmp
ip inspect name Firewall pptp
ip inspect name Firewall tcp
ip inspect name Firewall https
ip inspect name Firewall pop3s
ip inspect name Firewall smtp
ip inspect name Firewall imaps
ip cef    
ipv6 general-prefix MyLocals FD00:1234:5678::/48
ipv6 general-prefix MyLocals FD00:8765:4321::/48
ipv6 unicast-routing
ipv6 dhcp pool NODE-DHCPV6
 prefix-delegation pool NODE-PD lifetime 1800 60
 dns-server 2001:A60::53:1
 dns-server 2001:A60::53:2
 domain-name soho.intern
!         
ipv6 inspect name inspectv6 tcp
ipv6 inspect name inspectv6 udp
ipv6 inspect name inspectv6 icmp
ipv6 inspect name inspectv6 ftp
ipv6 multicast-routing
ipv6 cef  
!         
multilink bundle-name authenticated
!         
cts logging verbose
!         
crypto pki trustpoint TP-self-signed-3541750139
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3541750139
 revocation-check none
 rsakeypair TP-self-signed-3541750139
!         
!         
crypto pki certificate chain TP-self-signed-3541750139
 certificate self-signed 01
XXXX
        quit
license udi pid CISCO1921/K9 sn XXX
!         
!         
username user4754 password XXXX
!         
redundancy
!         
!         
!         
!         
!         
controller VDSL 0/1/0
 firmware filename flash:VA_A_39m_B_38u_24h.bin
!         
ip tcp synwait-time 5
!         
!         
!         
!         
!         
!         
!         
!         
!         
!         
interface Embedded-Service-Engine0/0
 no ip address
 shutdown
!         
interface GigabitEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!         
interface GigabitEthernet0/1
 description NETWORK INTERN
 ip address 192.168.50.2 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 ip tcp adjust-mss 1452
 duplex auto
 speed auto
 ipv6 address MyLocals ::1/64
 ipv6 address NODE-PD ::1/64
 ipv6 address autoconfig
 ipv6 enable
 ipv6 nd other-config-flag
 ipv6 dhcp server NODE-DHCPV6
 ipv6 inspect inspectv6 out
!         
interface ATM0/1/0
 no ip address
 no atm ilmi-keepalive
!         
interface ATM0/1/0.1 point-to-point
 pvc 1/32
  bridge-dot1q encap 40
  pppoe-client dial-pool-number 1
 !        
!         
interface Ethernet0/1/0
 no ip address
 no ip route-cache
!         
interface Ethernet0/1/0.40
 encapsulation dot1Q 40
 no ip route-cache
 pppoe enable group global
 pppoe-client dial-pool-number 1
!         
interface GigabitEthernet0/0/0
 description NETWORK VOIP
 no ip address
!         
interface GigabitEthernet0/0/1
 no ip address
!         
interface GigabitEthernet0/0/2
 no ip address
!         
interface GigabitEthernet0/0/3
 no ip address
!         
interface Vlan1
 no ip address
!         
interface Dialer0
 description VDSL Einwahl Interface to ISP MNET
 mtu 1492
 ip address negotiated
 ip access-group 111 in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 ip inspect Firewall out
 ip virtual-reassembly in
 encapsulation ppp
 dialer pool 1
 dialer idle-timeout 1800 inbound
 dialer-group 1
 ipv6 address dhcp
 ipv6 address FE80::179:1 link-local
 ipv6 address autoconfig default
 ipv6 enable
 ipv6 mtu 1492
 no ipv6 redirects
 no ipv6 unreachables
 ipv6 dhcp client pd NODE-PD rapid-commit
 ipv6 verify unicast reverse-path
 ipv6 inspect inspectv6 out
 ipv6 traffic-filter WAN_OUTSIDE_INv6 in
 ipv6 traffic-filter WAN_INSIDE_OUTv6 out
 ipv6 virtual-reassembly in
 no keepalive
 ppp authentication pap chap callin
 ppp chap hostname XXXXX@mdsl.mnet-online.de
 ppp chap password XXXXX
 ppp ipcp dns request
 ppp ipcp mask request
 ppp ipcp route default
 no cdp enable
!         
ip forward-protocol nd
!         
ip http server
ip http secure-server
!         
ip dns server
no ip nat service sip udp port 5060
ip nat inside source list 101 interface Dialer0 overload
!         
dialer-list 1 protocol ipv6 permit
ipv6 route ::/0 Dialer0
!         
!         
access-list 101 permit ip 192.168.50.0 0.0.0.255 any
access-list 111 permit icmp any any administratively-prohibited
access-list 111 permit icmp any any echo-reply
access-list 111 permit icmp any any packet-too-big
access-list 111 permit icmp any any time-exceeded
access-list 111 permit icmp any any unreachable
access-list 111 permit udp any eq domain any
access-list 111 permit tcp any eq domain any
access-list 111 permit udp any eq ntp any
access-list 111 permit gre any any
access-list 111 permit udp any eq bootps any
access-list 111 permit udp any any eq 546
access-list 111 permit udp any eq 5060 any
access-list 111 deny   ip any any log
!         
ipv6 access-list BLOCKv6
 deny ipv6 any any log-input
!         
ipv6 access-list WAN_INSIDE_OUTv6
 permit icmp any any
 permit tcp any any
 permit udp any any
 sequence 100 deny ipv6 any any log-input
!         
ipv6 access-list WAN_OUTSIDE_INv6
 permit icmp any any nd-na
 sequence 11 permit icmp any any nd-ns
 sequence 12 permit udp any any eq 546
 sequence 20 permit icmp any any
 sequence 40 permit tcp any any established
 sequence 100 deny ipv6 any any log-input
!         
control-plane
!         
!         
!         
line con 0
 logging synchronous
 login local
 transport preferred none
line aux 0
line 2    
 no activation-character
 no exec  
 transport preferred none
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line vty 0 4
 password XXXX
 ipv6 access-class BLOCKv6 in
 login local
 transport preferred none
 transport input telnet ssh
!         
scheduler allocate 20000 1000
!         
end       
  

Cisco1921#show ipv6 route
IPv6 Routing Table - default - 9 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
       B - BGP, R - RIP, H - NHRP, I1 - ISIS L1
       I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
       EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination
       NDr - Redirect, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
       OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
       a - Application
S   ::/0 [1/0]
     via Dialer0, directly connected
S   2001:A61:20AC:F600::/56 [1/0]
     via Null0, directly connected
C   2001:A61:20AC:F600::/64 [0/0]
     via GigabitEthernet0/1, directly connected
L   2001:A61:20AC:F600::1/128 [0/0]
     via GigabitEthernet0/1, receive
C   FD00:1234:5678::/64 [0/0]
     via GigabitEthernet0/1, directly connected
L   FD00:1234:5678::1/128 [0/0]
     via GigabitEthernet0/1, receive
C   FD00:8765:4321::/64 [0/0]
     via GigabitEthernet0/1, directly connected
L   FD00:8765:4321::1/128 [0/0]
     via GigabitEthernet0/1, receive
L   FF00::/8 [0/0]
     via Null0, receive

*Oct  9 17:12:47: %IPV6_ACL-6-ACCESSLOGP: list WAN_OUTSIDE_INv6/100 denied udp 2001:A60::53:1(53) -> 2001:A61:3131:B6FF::1(62305), 1 packet
*Oct  9 17:12:47: %IPV6_ACL-6-ACCESSLOGP: list WAN_OUTSIDE_INv6/100 denied udp 2001:A60::53:2(53) -> 2001:A61:3131:B6FF::1(52471), 1 packet
*Oct  9 17:12:48: %IPV6_ACL-6-ACCESSLOGP: list WAN_OUTSIDE_INv6/100 denied udp 2001:A60::53:1(53) -> 2001:A61:3131:B6FF::1(61544), 1 packet
*Oct  9 17:12:53: %IPV6_ACL-6-ACCESSLOGP: list WAN_OUTSIDE_INv6/100 denied udp 2001:A60::53:2(53) -> 2001:A61:3131:B6FF::1(62305), 1 packet
*Oct  9 17:12:54: %IPV6_ACL-6-ACCESSLOGP: list WAN_OUTSIDE_INv6/100 denied udp 2001:A60::53:2(53) -> 2001:A61:3131:B6FF::1(61544), 1 packet

i also guessing, dns will be blocked? Right?

hmm meanwhile..after rebooting Cisco, could be there the issu, that DNS was not allowed to get out?

Hi,

I am curious to know what happens if the IPv6 access list are disabled, or if you just allow all IPv6 traffic in and out. Can you give that a try ?

permit ipv6 any any

in both access lists WAN_OUTSIDE_INv6 and WAN_INSIDE_OUTv6  ?

Good Idea, i entered your commands ....but nothing ...same result...same problem.....i did also a restart of my cisco ,....nothing....

i am feeling thats only a small setting :D

Hello,

I recreated the following setup:

R1 (IPv6 server) --> R2 (IPv6 client)

R2 (the client) got IPv6 addresses from R1 (the server) by just configuring the interfaces with the commands 'ipv6 address autoconfig' and 'ipv6 enable'. This setup assumes that your provider has configured stateless DHCP, Can you try to put just this on your interfaces:

interface GigabitEthernet0/1

ipv6 enable

ipv6 address autoconfig

interface Dialer0

ipv6 enable

ipv6 address autonfig

I am setting up stateful DHCP as well, I will let you know when I get this to work.

Hello,

in case your provider has configured stateful DHCP, the commands on your interfaces should be:

interface GigabitEthernet0/1

ipv6 enable

ipv6 address dhcp (try this with or without the 'rapid-commit' option

interface Dialer0

ipv6 enable

ipv6 address dhcp (try this with or without the 'rapid-commit' option

I got this working in my test environment; either way, since your provider is the DHCP server, you would not need to configure any DHCP server items on your router.

Give this a try and let me know what happens.