Meraki

Community

About chesterweirdo

Re: Anyconnect IPV6 routing even with it disabled

by in Security & SD-WAN
‎Jul 22 2022 2:49 AM
‎Jul 22 2022 2:49 AM
So over an hour on the phone with Meraki and no help at all. Has anyone else used Any connect on a linux machine? Basically, as soon as you connect it add a load of routes to your route table sending IPV6 to the Any connect interface. That should not be happening as it should have no impact on IPV6. It looks like the traffic does not get to the MX so Meraki are easing their hands with it saying they can prove it does not get to the device. ... View more

Re: Anyconnect IPV6 routing even with it disabled

by in Security & SD-WAN
‎Jul 21 2022 1:42 PM
‎Jul 21 2022 1:42 PM
So I have spent the day looking at this a bit more and trying to understand it. I setup a new Ubuntu machine and installed the AnyConnect client   It connects fine and I can browse the internet. However, running route -6 returns the route table and shows that IPV6 is being routed down cscotun0 when it should not be adding a route. Having checked on my OSX device connecting to the vpn the IPV route table does not add a record to route it down the tunnel.     ... View more

Re: Anyconnect IPV6 routing even with it disabled

by in Security & SD-WAN
‎Jul 20 2022 2:12 PM
‎Jul 20 2022 2:12 PM
Just bumping to see if anyone had a solution. We want to enable mfa but with the client not working that’s not going to be possible.  ... View more

Re: Anyconnect IPV6 routing even with it disabled

by in Security & SD-WAN
‎Jun 28 2022 4:09 PM
‎Jun 28 2022 4:09 PM
Yep we are running split tunnel. We don’t want to send the ipv6 dns over the client. It should really remain local which is why we have tried to turn off ipv6 on the client but it does not seam to work.  ... View more

Anyconnect IPV6 routing even with it disabled

by in Security & SD-WAN
‎Jun 28 2022 1:16 AM
1 Kudo
‎Jun 28 2022 1:16 AM
1 Kudo
Hi, We have an issue with Linux users where the AnyConnect VPN client is routing IPv6 traffic using the client even with the option disabled.   We have set in our xml file <IPProtocolSupport>IPv4</IPProtocolSupport>   But we still get DNS routing via IPV6 so it fails.    I did find an article relating to an ASA which suggested setting client-bypass-protocol but I'm not sure if I can just add that to the XML.   They have been able to connect using the openvpn client on Linux   Mac and Windows is working fine.   Can anyone help? ... View more
Labels:
My Top Kudoed Posts
© 2025 Cisco Systems, Inc.