UAG DA - remote client cannot ping internal IPv6 clients

  • Question

  • I have UAG DA set up with the internal interface configured with a static globally routable IPv6 address.  DA remote clients can ping IPv4 systems (via NAT64 and DNS64), but they cannot ping IPv6 addresses.

    When a DA remote client tries to ping the internal IPv6 client, the internal client receives the echo request. The issue is the echo request still lists the remote client's address as the source.  So the internal IPv6 client sends its echo reply to its default IPv6 gateway instead of the DA server. (The remote client is using a 6to4 address 2002::/16)

    Is there any recommendation as to how I should reconfigure my machines so that Internal IPv6 clients know where to send their echo replies?

    (Ideally I hope there is a solution that can be configured on the UAG DA server to work around this, as though I have control over one DHCP server, I do not have control of all DHCP servers in our organization)

    Thank you very much,

    -Aaron


    ----------
    Well, with a bit more testing I can confirm that if the IPv6 properties are changed under the advanced settings to include the DA server as a 'default gateway' with a metric of 1 as opposed to the default of 'automatic', the remote client can ping and RDP to the specific system without a problem.

    So I've got it to work at its most basic level, but a better solution would be greatly appreciated, as anything that is IPv6 (whether a tunnel or native), needs to be pointed at the DA server (somehow) to resolve the communications.

    Thanks again,

    -Aaron

    Monday, May 10, 2010 6:48 PM
