Print

[CiscoFanboy]

Hello everyone, I am unable to use IPv6 on any Cisco AnyConnect client, I have an IPv6 block that I received from AS 202322 and I have configured my VPN subnet to be 2A05:DFC7:3E:5650:4E::/64. When I go out to the internet it displays my public IP address. I am using a Cisco ASA 5510 for the VPN concentrator/firewall. I hope someone will help.

I have added static routes on the edge routers and internal switch pointing to the firewall. I have also done calculations for the MTU, the default mtu would come out to be 1520 which is bigger than the max MTU for ethernet and obviously bigger than the MTU for the IPv6 in IPv4 tunnel which is 1480. I have tried adjusting the Cisco AnyConnect MTU to 1354 and no luck there.

Thanks,

Trevor Janssen

[cholzhauer]

What version of anyconnect and what version of the Cisco OS?   Older versions do not support 6in4 tunnels

[CiscoFanboy]

Hello, I am using Cisco ASA OS 9.1.7 and Cisco AnyConnect 4.5

[cholzhauer]

That's most likely your problem.   Newer versions of both support tunnels where the old ones don't

[CiscoFanboy]

There is a router upstream from the firewall, it is a Cisco 2951. The router is using IOS 15.5(3)M7. The tunnel is terminated to the edge routers.

[cholzhauer]

Old versions of anyconnect don't support the 6in4 stuff

You need to upgrade

[CiscoFanboy]

What version do you recommend?

[cholzhauer]

I don't remember offhand which version fixed it, but I'd grab the latest one and avoid some of the bugs along the way.