Define Ipv6 Subnet for firewall rule RRS feed

  • Question

  • I admit.  ipV6 is a mystery.   If I wanted to define a scope for a firewall rule to the ISATAP subnet how would i do that?


    A given client on my network ISATAP address is 2002:4a05:d565:8000:0:5efe:0a32:323d

    By looking at the DNS host list I can see that 2002:4a05:d565:8000:0:5efe:0a32 is the netowrk  and 323d  is the client is becouse every client has the same first 7 blocks.   (Or so I think)  


    In the firewall scope rule it looks like you can enter the entire IPv6 network.   In the example they user a suffix of :0/112  The trouble is I have no idea on a IPv6 ISATAP range what is the network and what is the client components of the address.  I also don;t know how the subnetting process work.  0/112   0/64   ect.    I have read on IPv6 subnetting and it looks similar to IPv4 but how do I tell on my ISATAP range as it looks like the network component is pre defined.  


    In other  words if a client on my ISATAP network is 2002:4a05:d565:8000:0:5efe:0a32:323d  how would I express the entire IPv6 network range in a firewall rule scope?






    Tuesday, July 5, 2011 8:55 PM