- CheckMates
- :
- Products
- :
- CloudMates Products
- :
- Cloud Network Security
- :
- Discussion
- :
- NAT64 with R80.40
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
			
				
					
						
							NAT64 with R80.40
						
					
					
				
			
		
	
		
	
	
	
	
	
	
	
	
			
					
				
		
	
This is my first IPv6 implementation on Azure
Lab setup is
Ext win10: fd5d:7ce8:b6d5:1::4 (10.20.1.6)
fw Ext (eth0): fd5d:7ce8:b6d5:1::a14:205 (10.20.1.4)
fw Int (eth1): fd5d:7ce8:b6d5:2::4 (10.20.2.4)
webs1: 10.20.2.5
My NAT64 rule is
    
Log shows xlate dst as expected but xlate_src is empty
fw6 monitor and tcpdump on eth0 shows fw is sending reset
Any help is appreciated!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You can see it listed as a known limitation here:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Appreciate your response. I read MDM, MUH v2 and IPv6 for Management interface are not supported. Security Gateway limitations mention about default kernel value and some commands. Please correct me if I missed the feature ID you are referring to.
Setup of (IPv6 LAN - Firewall - IPv6 LAN) end to end communication is working fine on Azure.
I redeployed everything locally with a 4600 appliance and seeing same behavior
I am wondering if any additional configuration is required for source NAT range to take effect.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
But if you can see it in a physical appliance, I recommend a TAC case.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
VSECC-1097 applies to R80.20 and below correct?
I have a TAC case open and waiting to be assigned, thanks again.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
R80.20 was the first version it was documented in (meaning this isn't a new limitation).
 
					
				
				
			
		


 
		
			 
					
				 
		
		
		
		
		
	
			 
					
				 
		
			