IPv6 Teredo tunnels with RFC 1918 endpoints

fsebera
Level 4

Our captured traffic shows destination port UDP 3544. (The default port for Teredo tunnels is UDP 3544.)

The destination addresses have private addresses (10, 172 and/or 192, and 13.92.90.48, which resolves to Microsoft).

Because we have dynamic NAT/PAT set up on the border firewall, outbound traffic gets a new public source address but the destination IP is still private.

Can we safely assume that unless we have twice NAT set up on the border firewall, then any traffic egressing the border firewall is dropped due to the destination private address?

Thanks

Frank

2 Replies

Philip D'Ath
VIP Alumni

This firewall connects to the Internet? If so, you should not be sending packets out of the firewall with private IP addresses as either the source or destination. It won't be routable on the global Internet.

I know, and that is part of the problem. The packet capture shows data is being transferred - 1000s of packets - but I cannot understand how this is taking place when src/dst are RFC 1918 addresses.

Having a NAT technology that NATs both src/dst to a public address is the only thing I can think of.
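One way to check the question raised in this thread rather than assume the answer, as an added example that is not from any poster: compare flow records captured on the inside and outside interfaces of the border firewall and report, per RFC 1918 destination, whether UDP 3544 traffic was seen after the firewall. The record layout, the function names and every sample value except 13.92.90.48 and port 3544 are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

TEREDO_PORT = 3544  # default Teredo UDP port, as stated in the thread
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample flow records (not the poster's capture):
# (capture_point, src, dst, proto, dst_port, packets)
SAMPLE_FLOWS = [
    ("inside",  "10.1.20.15",   "192.168.1.7", "udp", 3544, 1800),
    ("inside",  "10.1.20.15",   "13.92.90.48", "udp", 3544, 40),
    ("outside", "203.0.113.10", "13.92.90.48", "udp", 3544, 40),
    ("inside",  "10.1.20.22",   "172.16.5.9",  "udp", 3544, 950),
    ("outside", "203.0.113.10", "172.16.5.9",  "udp", 3544, 950),
    ("inside",  "10.1.20.15",   "198.51.100.5", "udp", 53, 12),
]


def is_rfc1918(addr):
    """True only for the three RFC 1918 IPv4 blocks."""
    ip = ipaddress.ip_address(addr)
    return ip.version == 4 and any(ip in net for net in RFC1918)


def triage_teredo(flows):
    """Per RFC 1918 destination, count UDP/3544 packets on each side of the firewall."""
    seen = defaultdict(lambda: {"inside": 0, "outside": 0})
    for point, _src, dst, proto, dport, pkts in flows:
        if proto == "udp" and dport == TEREDO_PORT and is_rfc1918(dst):
            seen[dst][point] += pkts
    report = {}
    for dst, counts in seen.items():
        # Packets on the outside capture mean the firewall forwarded them
        # with the private destination intact; none means they stopped inside.
        verdict = "egressed" if counts["outside"] else "inside only"
        report[dst] = {**counts, "verdict": verdict}
    return report


if __name__ == "__main__":
    for dst, row in sorted(triage_teredo(SAMPLE_FLOWS).items()):
        print(f"{dst:15} inside={row['inside']:5} "
              f"outside={row['outside']:5} {row['verdict']}")
```

A capture taken only on the inside interface shows packets before the firewall's forwarding decision, so an "inside only" result is what a drop at the border looks like.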
