As we all know, ASA supports IPv6 access-lists.
In routed mode, if you have inside level 100 and outside level 0 you will see ‘Implicit rule: Permit all traffic to less secure networks’ for both IPv4 and IPv6 access-lists in the ASDM.
Now my question: In an IPv4 only environment is it necessary to add an EXPLICIT IPv6 deny ACL to block any rouge IPv6 traffic leaking out the network? Or is IPv6 traffic automatically blocked from traversing the ASA by the fact you don’t have IPv6 addresses configured?
Thanks
↧
IPv6 ACLs on ASA
↧