Re: NAT firewall for IPv6?

[Spencer Ryan <sryan () arbor net>]

The Palo-Alto's also don't support anything but NAT64, so depending on what
you meant by the IPv6 side is sharing "one address" might not be correct.


*Spencer Ryan* | Senior Systems Administrator | sryan () arbor net
*Arbor Networks*
+1.734.794.5033 (d) | +1.734.846.2053 (m)
www.arbornetworks.com

On Tue, Jul 5, 2016 at 11:40 AM, <A.L.M.Buxey () lboro ac uk> wrote:

> Hi,
>
>
> I would go through the password recovery options on the PaloAlto.
>
> as a next gen firewall you need to ensure you are getting all the latets
> rulesets
> and detection code through - check your subscription with them
>
>
> once you've sorted out access you can look at the policies and ensure that
> the IPv6 AV filtering rules match that for IPv4 - fairly easy with their
> interface.
> (check your codebase version for feature abilities....once again, you may
> need to
> deal with PA to ensure your codebase is current. these things get OLD
> quickly
>
>
> as for NAT for IOV6. nope.   and turning it off ISNT the answer (yes, its
> an answer...just
> the wrong one! ;-) )
>
>
> alan