Filter
Top Products
143 | IPv6 Support DellPowerConnectW-SeriesArubaOS6.2 | User Guide
Authentication
Method
Description
Attack direction. You should not enable this option unless instructed to do so by a Dell representative.
Default: Disabled
Session Mirror
Destination
Destination (IPv4 address or controller port) to which mirrored session packets are sent. You
can configure IPv6 flows to be mirrored with the session ACL “mirror” option. This option is
used only for troubleshooting or debugging.
Default: N/A
Session Idle Timeout Set the time, in seconds, that a non-TCP session can be idle before it is removed from the
session table. Specify a value in the range 16–259 seconds. You should not set this option unless
instructed to do so by a Dell representative.
Default: 30 seconds
Per-packet Logging Enables logging of every packet if logging is enabled for the corresponding session rule.
Normally, one event is logged per session. If you enable this option, each packet in the session
is logged. You should not enable this option unless instructed to do so by a Dell representative,
as doing so may create unnecessary overhead on the controller.
Default: Disabled (per-session logging is performed)
Ipv6 Enable
The following examples configure attack rates and the session timeout for IPv6 traffic.
To configure the firewall function via the WebUI:
1. Navigate to the Configuration > Advanced Services > Stateful Firewall > Global Setting page.
2. Under the IPv6 column, enter the following:
l For Monitor Ping Attack, enter 15
l For Monitor IP Session Attack, enter 25
l For Session Idle Timeout, enter 60
3. Click Apply.
To configure firewall functions using the command line interface, issue the following commands in config mode:
ipv6 firewall attack-rate ping 15
ipv6 firewall attack-rate session 25
ipv6 firewall session-idle-timeout 60
Understanding Firewall Policies
A user role, which determines a client’s network privileges, is defined by one or more firewall policies. A firewall
policy consists of one or more rules that define the source, destination, and service type for specific traffic and
whether you want the controller to permit or deny traffic that matches the rule.
You can configure firewall policies for IPv4 traffic or for IPv6 traffic and apply IPv4 and IPv6 firewall policies to the
same user role. For example, if you have employees that are using both IPv4 and IPv6 clients you can configure both
IPv4 and IPv6 firewall policies and apply them both to the “employee” user role.
The procedure to configure an IPv6 firewall policy rule is similar to configuring a firewall policy rule for IPv4 traffic,
but with some differences. Table 18 describes required and optional parameters for an IPv6 firewall policy rule.