9-17
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 9 Configuring Basic Settings
Setting the Management IP Address for a Transparent Firewall
Configuring the Link-Local Addresses Automatically
If you only need to configure a link-local address and are not going to assign any other IPv6 addresses,
you have the option of generating the link-local addresses based on the interface MAC addresses
(Modified EUI-64 format). To manually assign the link-local address, see the “Configuring the
Link-Local Address on an Interface (Transparent Firewall Mode)” section on page 8-30.
To automatically configure the link-local addresses for all interfaces, perform the following steps:
Step 1 Go to Configuration > Device Management > Management Access > Management IP Address.
Step 2 In the IPv6 configuration area, check Enable IPv6.
This option enables IPv6 on all interfaces and automatically generates the link-local addresses using the
Modified EUI-64 interface ID based on the interface MAC address.
Note You do not need to check this option if you configure any IPv6 addresses (either global or
link-local); IPv6 support is automatically enabled as soon as you assign an IPv6 address.
Similarly, unchecking this option does not disable IPv6 if you configured IPv6 addresses.
To configure IPv6 DAD parameters, shown in this area, see the “Configuring DAD Settings” section on
page 9-17.
Step 3 Click Apply.
Configuring DAD Settings
DAD verifies the uniqueness of new unicast IPv6 addresses before they are assigned and ensures that
duplicate IPv6 addresses are detected in the network on a link basis.
For information about the Enable IPv6 parameter, see the “Configuring the Link-Local Addresses
Automatically” section on page 9-17.
To specify DAD settings on an interface, perform the following steps:
Step 1 Go to Configuration > Device Management > Management Access > Management IP Address.
Step 2 In the IPv6 configuration area, in the DAD attempts field, enter the number of allowed DAD attempts.
This setting configures the number of consecutive neighbor solicitation messages that are sent on an
interface while DAD is performed on IPv6 addresses. Valid values are from 0 to 600. A zero value
disables DAD processing on the specified interface. The default is one message.
Step 3 In the NS Interval field, enter the neighbor solicitation message interval.
The neighbor solicitation message requests the link-layer address of a target node. Valid values are from
1000 to 3600000 milliseconds. The default is 1000 milliseconds.
Step 4 In the Reachable Time field, enter the amount of time in seconds that a remote IPv6 node is considered
reachable after a leachability confirmation event has occurred.
Valid values are from 1000 to 3600000 milliseconds. The default is zero. A configured time enables the
detection of unavailable neighbors. Shorter times enable detection more quickly; however, very short
configured times are not recommended in normal IPv6 operation.
To Next Page
Loading...
Need help?
General
