Network tunnel allowing IPv6 to bypass tunnel

Question

I have created a Network Access Tunnel with the following parameters:&nbsp;
Supported IP Version: IPv4Traffic Options: Force all traffic through tunnelAllow local subnet: NoClient side security: Prevent routing changes during Network Access connectionClient Options: Client for Microsoft network
I connect and authenticate from a browser and launch network access.  I receive an internal address from my IPv4 lease pool and can access internal resources.  The problem I have is that my workstation has an IPv6 stack as well and I can access any IPv6 resource on my home network at the same time.&nbsp;
How do I disable this split tunnel?&nbsp;
(Big-IP 11.4.1)&nbsp;
Thanks...&nbsp;

alexey_384 · Answer

Configure NA with IPv4+IPv6, and deny IPv6 access using ACL (or don't configure IPv6 GW or self-ip on BIG-IP).&nbsp;

david_g__33241 · Answer

I created an IPv6 lease pool and assigned it to the NA and presto - no more split tunnel.  No need to assign an IPv6 address to the interface.  Thanks for the quick response.

Forum Discussion

Network tunnel allowing IPv6 to bypass tunnel

2 Replies

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Syslog server not visible in GUI

Same LTM Monitor applied to different Pools with Common Nodes

irule execution error

F5 AWAF/ASM learning only from Trusted traffic?

OWA File Upload URIs for WAF Bypass

Related Content

SSL VPN Split Tunneling and Office 365

DNS Tunnel Mitigation v2

What is Multi-Cloud Networking?

F5 BIG-IP Access Policy Manager (APM) Machine Tunnels for Windows

DNS Tunneling Protection

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS