Wireless Access

Reply
Occasional Contributor II

Cannot Block IPv6 Traffic

Hi,
    In my IAP225, I am trying to block IPv6 traffic on a specific network. My goal is to allow only IPv4 traffic and block all ipv6 traffic going in the network. To achive this, I have created a network profile and associated a ACL rule to the profile. The acl rule to deny ipv6 traffic is given below.

    84:d4:7e:c6:d5:74 (Access Rule "TEST") # rule any any match ipv6 any any deny

However, this is not working. I can still send ipv6 traffic(ping traffic) over the network.

Set-up details: I have a set-up with 2 Aruba AP's and each WAP is connected with one Client(laptop's). The Laptop's are configured with IPv6 addresses(default link local address).With the above ACL rule configured in Aruba, I expect, all IPv6 traffic should be dropped however, that is not happening. I can still reach other client in the network via ping.

Aruba WAP Type    : IAP225
Firware Version    : 6.5.0.0-4.3.0.0_56428

Please let me know is there any way to block only IPv6 traffic?

Thanks in advance.

-Shiva

Attaching the the complete network configuration and the ACL rule for your reference.

ACL Rule:
    wlan access-rule TEST
     index 3
     rule 224.0.0.0 240.0.0.0 match any any any deny
     rule 172.19.248.0 255.255.255.248 match any any any permit
     rule 172.19.248.0 255.255.252.0 match udp any any permit
     rule 172.19.248.0 255.255.252.0 match any any any deny
     rule any any match ipv6 any any deny
     rule any any match any any any permit
    
    wlan ssid-profile TEST
     enable
     work-without-uplink
     index 1
     type guest
     essid Test-SSID
     opmode opensystem
     max-authentication-failures 0
     vlan 4092
     rf-band all
     captive-portal disable
     dtim-period 1
     inactivity-timeout 120
     broadcast-filter unicast-arp-only
     deny-inter-user-bridging
     g-min-tx-rate 36
     a-min-tx-rate 36
     a-basic-rates 36,48,54
     a-tx-rates 36,48,54
     g-basic-rates 36,48,54
     g-tx-rates 36,48,54
     supported-mcs-set 5,6,7,13,14,15,21,22,23
     vht-supported-mcs-map "7,8,9,-"
     blacklist
     dmo-channel-utilization-threshold 90
     multicast-rate mcs15
     local-probe-req-thresh 0
     max-clients-threshold 45
     dot11k
     dot11v

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: