03-11-2019 08:51 PM
I cannot make it work and I do not find documentation explaining how to do it, but at the same time I do not find documentation saying it is not possible.
It is possible to have an IPv6 only deployment of AnyConnect?
I have a dual-stack firewall, if I connect to the outside IPv4 address, everything works including the split-tunnel for IPv4 and IPv6.
If I tried to connect to the outside IPv6 address it does not, I even tried forcing the DNS resolution using the host files and also removing the IPv4 address from the DNS but I'm not able to connect.
Can someone confirm if the AnyConnect client supports connections to an IPv6 endpoint and if it does, ideas of what I might be doing wrong?
Thanks!
Rolando A. Valenzuela.
03-19-2019 06:36 AM
04-03-2019 05:13 AM
Hello Ronaldo,
Do you have changed the AnyConnect XML Profile to support Protocols: IPv6, IPv4 ?
Which AnyConnect version do you use 4.6.x or 4.7.x ?
I configured SSL-Client and SSL-Clientless on the Connection Profile. I'm not sure how well IPsec / IKEv2 works.
I also have a followup issue with IPv6, I configured an A-Record and AAAA-Record, but AnyConnect prefer the A-Record. Even Microsoft ping resolve the IPv6 reach my ASA first.
Happy Hunting
04-03-2019 06:54 AM
Oliverrietbrock, XML configured, I tried both vestion 4.6.x and 4.7.x but even if my PC is IPv6 only, anyconnect crashes.
And with dual stack it will always prefer IPv4. So I'm wondering if it is NOT supported, I just haven't been able to find supporting documentation about it.
Rolando A. Valenzuela.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide