Hi Everyone, In short: I am trying to get ipv4 and ipv6 over PPPoE running on my PIX515e. Heres a bit more info about my setup and the scenario: My internet provider (residential) has offered me a dual-stack service on my ADSL. I get a STATIC ipv4 address, but a DYNAMIC ipv6 address. Additionally I get a STATIC ipv6 /56 prefix for my lan "if my router supports prefix delegation". My PIX is the 515e and its running PIX 7.2(4) with ASDM 5.2. Getting the ipv4 side of it working isnt an issue - ive configured the pppoe side of it with my username and password, and configured my outside interface (Ethernet 0) with the ipv4 address. But I cannot figure out how to get a dynamic ipv6 address on the outside (Ethernet 0) interface. At this stage all I care about is getting a dynamic ipv6 address on Ethernet 0. I dont care about the "lan" prefix or Prefix Delegation part of it because I figure I'll just NAT my lan ipv6 addresses out to the internet using the dyanmic ipv6 address on the outside interface. Ive read a lot of articles and looked at a lot of examples but none quite explain what im trying to do. I have enabled ipv6 on the outside interface - ipv6 enable and ive looked at ipv6 address and ive found the autoconfigure option but that doesnt appear to fetch the ipv6 address from my internet provider. I guess im expecting to see something like ipv6 address dhcp or ipv6 address pppoe So my question is does anyone know how I can get dual-stack working on my outside interface with dynamically assigned ipv6 from pppoe. Or do i need to update the PIX software on my device. If so, can anyone suggest which version? Any help is greately appreciated.
... View more
Hi everyone, I've got an ASA 5510 with two internet links. one is the primary link delivered as a cat5 ethernet hand-off from the internet provider. the other is a backup adsl link provided by the same internet provider. I'm trying to configure the ASA so that if the primary ethernet internet link goes down the backup adsl link is dialed-up and used, and when the primary ethernet link is restored the backup link is disconnected and routing goes back through the primary link. i've been looking into this for quite some time and trying different things but im still unsure of the best way to do this because im fairly unfamiliar with using the pppoe client on the ASA, and im still fairly amature at configuring redundant links so im hoping someone can help me. to give you some background on the setup: ive got two ASA 5510's running asa software 8.2(2) 12 in an active/standby failover configuration and that works fine. primary internet link is a 4meg/4meg ethernet hand-off with static ip subnets the two ASA's outside interfaces and the ethernet link from the ISP connect in to a small switch. secondary link is adsl2+ which adopts the same static ips from the primary link when the pppoe session is established which means when the pppoe session comes up traffic is no longer routed to the primary link. The ADSL is delivered to the ASA via a DSL modem in bridge mode. The two ASA's backup interfaces are connected to the DSL modems ethernet ports. even though both internet links have the same ip subnets assigned they would have different next hops (i havent had a chance to check this but logically it would be true). this site acts as the ipsec hub to various branch sites. this site also has remote access ipsec for support staff. this site hosts internet services like email and web my first challenge appears to be configuring the ASA to know when the primary link is down. Since its an ethernet link, the ASA wont know anything is wrong unless the cable is physically cut or disconnected. I know I can use sla monitor to ping test the isp end of the link to determine if its up or down. the next challenge is getting the asa to start the pppoe session for the adsl only when the primary link is determined to be down, and to disconnect the pppoe session when the primary link is determined to be up. Since bringing up the adsl connection stops all traffic bring routed to the primary internet link i dont want to bring up the adsl connection until the primary link is deemed to be down, otherwise all traffic will be unneccessarily routed through the slower adsl link. And then lastly i need to make sure the access lists and static NATs still work after the primary link goes down and the backup link comes up - e.g. can people still hit the website, can mail still be delivered, or will i need to create another set of access lists and static NATs to work with the backup link. any help or advice greately appreciated.
... View more