Folks,
From CPX, from our customers, from Check Mates we know, some of you already met with IPv6 from Internet Service Providers, and that was kind of a challenge for you to adopt your Remote Access infrastructure. Check Point is here to assist you.
Today we start offering early version of Remote Access IPsec VPN client which works in IPv6 networks. As this is beta release, I'm pointing your attention to that disclaimer:
Disclaimer
Side build of E88.10 standalone VPN client contains initial support of IPv6 on client side in NAT64 scenario, which means:
- Security gateway resides in IPv4 network;
- Security gateway may be of any version, starting R81 and including upcoming R82;
- Client may reside in either IPv4 network or in IPv6 network;
- If client resides in IPv6 network, it is obligation of Internet Service Provider to implement:
- NAT64 translation between IPv6 and IPv4 networks;
- Provide DNS64 service which resolves names into IPv6 and supplies IPv6 prefix according to RFC 7050 and RFC 8880;
Although beta version of the client passed quality check, it might have bugs and some features may not operate in proper way. As of now we are aware of following issues:
- IPv6 Office Mode is not yet supported
- Roaming from IPv6 to IPv6 network may not work
- Split DNS is not yet supported
- Link Selection is not yet supported
- Simultaneous Login Prevention is not yet supported
- Location Awareness, DC-based is not yet supported (interface-based should work)
- Secondary Tunnel Resilience for ATM is not yet supported
- Proxy Detection and Replacement is not yet supported
- Use IPv6 addresses in Desktop policy is not yet supported
We will be glad to hear early feedback on that version. Should you want to try this beta and / or report any issue, please send me direct message.