Hi,
In my IAP225, I am trying to block IPv6 traffic on a specific network. My goal is to allow only IPv4 traffic and block all ipv6 traffic going in the network. To achive this, I have created a network profile and associated a ACL rule to the profile. The acl rule to deny ipv6 traffic is given below.
84:d4:7e:c6:d5:74 (Access Rule "TEST") # rule any any match ipv6 any any deny
However, this is not working. I can still send ipv6 traffic(ping traffic) over the network.
Set-up details: I have a set-up with 2 Aruba AP's and each WAP is connected with one Client(laptop's). The Laptop's are configured with IPv6 addresses(default link local address).With the above ACL rule configured in Aruba, I expect, all IPv6 traffic should be dropped however, that is not happening. I can still reach other client in the network via ping.
Aruba WAP Type : IAP225
Firware Version : 6.5.0.0-4.3.0.0_56428
Please let me know is there any way to block only IPv6 traffic?
Thanks in advance.
-Shiva
Attaching the the complete network configuration and the ACL rule for your reference.
ACL Rule:
wlan access-rule TEST
index 3
rule 224.0.0.0 240.0.0.0 match any any any deny
rule 172.19.248.0 255.255.255.248 match any any any permit
rule 172.19.248.0 255.255.252.0 match udp any any permit
rule 172.19.248.0 255.255.252.0 match any any any deny
rule any any match ipv6 any any deny
rule any any match any any any permit
wlan ssid-profile TEST
enable
work-without-uplink
index 1
type guest
essid Test-SSID
opmode opensystem
max-authentication-failures 0
vlan 4092
rf-band all
captive-portal disable
dtim-period 1
inactivity-timeout 120
broadcast-filter unicast-arp-only
deny-inter-user-bridging
g-min-tx-rate 36
a-min-tx-rate 36
a-basic-rates 36,48,54
a-tx-rates 36,48,54
g-basic-rates 36,48,54
g-tx-rates 36,48,54
supported-mcs-set 5,6,7,13,14,15,21,22,23
vht-supported-mcs-map "7,8,9,-"
blacklist
dmo-channel-utilization-threshold 90
multicast-rate mcs15
local-probe-req-thresh 0
max-clients-threshold 45
dot11k
dot11v