JUNOS CONFIGURATION TO ENABLE IPV6 ON SRX

Rashmi Bhardwaj | Blog,Config & Troubleshoot,Protocol
Advertisements

The default behaviour of Juniper SRX Firewall is the drop IPv6 traffic traversing the firewall.Below configuration will help how configure SRX to allow IPV6 traffic instead of dropping it.

1st we verify the SRX default behaviour and then configure to meet required output –

Step 1 –
root@JUNOS> show security flow status

Advertisements

Flow forwarding mode:
Inet forwarding mode: flow based
Inet6 forwarding mode: drop
MPLS forwarding mode: drop
ISO forwarding mode: drop
Flow trace status
Flow tracing status: off
Flow session distribution
Distribution mode: RR-based

As per above output , Inet6 traffic is dropped by default.

Step 2 –
To enable inet6 traffic flow,following command is issued –

set security forwarding-options family inet6 mode flow-based

Step 3 –
Commit this config change and device will prompt to reboot the device.

Step 4 –
After reboot, issue the following command –
root@JUNOS> show security flow status

Flow forwarding mode:
Inet forwarding mode: flow based
Inet6 forwarding mode: flow based
MPLS forwarding mode: drop
ISO forwarding mode: drop
Flow trace status
Flow tracing status: off
Flow session distribution
Distribution mode: RR-based

Note – If SRX is in packet mode instead of flow mode, following command should be issued to enable ipv6

set security forwarding-options family inet6 mode packet-based

ABOUT THE AUTHOR

Advertisements

Leave a Comment

Your email address will not be published. Required fields are marked *

Shopping Cart
Select your currency
USD United States (US) dollar
Scroll to Top