cancel
Showing results for 
Search instead for 
Did you mean: 

IPv6 Realm IP Restrictions

SOLVED
mattspierce_
Frequent Contributor

IPv6 Realm IP Restrictions

I use Realm Authentication Policy to work out what cleints can access what realms via source IP.  I've been stagging IPv6 into my dev enviroment and I have stopped being able to get clients with a v6 address to login.  I simplified my setup to a Signing, Realm, Role config.  If I enable my Authentication Policy I can not login.  IF I allow all IP's I can login.  Here is my filter list.  I've also tried the 0:0:0:0:0:0:0:0/128 and it collapsed down to ::/128.  Can anyone suggest a solution?

 

Select/Unselect All IPv4/v6 Address Netmask/Prefix Length Allow/Deny  
 
172.16.0.0 255.240.0.0 Allow  
10.0.0.0 255.0.0.0 Deny  
192.168.0.0 255.255.0.0 Deny  
0.0.0.0 0.0.0.0 Allow  
:: 128 Allow  
         
1 ACCEPTED SOLUTION

Accepted Solutions
mattspierce_
Frequent Contributor

Re: IPv6 Realm IP Restrictions

And the reason that wasn't working is that I only allowed an all 0 IPv6 address.  The subnet should have been a 0.

 

Select/Unselect All IPv4/v6 Address Netmask/Prefix Length Allow/Deny  
 
10.0.0.0 255.0.0.0 Deny  
192.168.0.0 255.255.0.0 Deny  
172.16.0.0 255.240.0.0 Deny  
0.0.0.0 0.0.0.0 Allow  
:: 0 Allow  
       

View solution in original post

1 REPLY 1
mattspierce_
Frequent Contributor

Re: IPv6 Realm IP Restrictions

And the reason that wasn't working is that I only allowed an all 0 IPv6 address.  The subnet should have been a 0.

 

Select/Unselect All IPv4/v6 Address Netmask/Prefix Length Allow/Deny  
 
10.0.0.0 255.0.0.0 Deny  
192.168.0.0 255.255.0.0 Deny  
172.16.0.0 255.240.0.0 Deny  
0.0.0.0 0.0.0.0 Allow  
:: 0 Allow  
       

View solution in original post