Forum Discussion
David_G__33241
Nimbostratus
Feb 12, 2014Network tunnel allowing IPv6 to bypass tunnel
I have created a Network Access Tunnel with the following parameters:
- Supported IP Version: IPv4
- Traffic Options: Force all traffic through tunnel
- Allow local subnet: No
- Client side security: Prevent routing changes during Network Access connection
- Client Options: Client for Microsoft network
I connect and authenticate from a browser and launch network access. I receive an internal address from my IPv4 lease pool and can access internal resources. The problem I have is that my workstation has an IPv6 stack as well and I can access any IPv6 resource on my home network at the same time.
How do I disable this split tunnel?
(Big-IP 11.4.1)
Thanks...
2 Replies
- Alexey_384Historic F5 Account
Configure NA with IPv4+IPv6, and deny IPv6 access using ACL (or don't configure IPv6 GW or self-ip on BIG-IP).
- David_G__33241
Nimbostratus
I created an IPv6 lease pool and assigned it to the NA and presto - no more split tunnel. No need to assign an IPv6 address to the interface. Thanks for the quick response.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects