USG110 and ICMPv6 drops (and other)

parleur
parleur Posts: 2  Freshman Member
edited April 2021 in Security
edited the question after finding the ipv6 policy controls after enabling ipv6:

so when you enable ipv6, you can actually create policy rules for ipv6 - but since I don't use ipv6, i really prefer to leave it disabled. but then i still receive these icmpv6 packets that are being dropped by the default rule and no way i can create my own rule for them, as ipv6 policy control is not available.
basically i like to disable ipv6, but still be able to create a rule for those icmpv6 packets.
i guess that is not possible without enabling ipv6... or is it?

right now the logs are filled with these icmpv6 drops and they clutter the log.
should i just enable ipv6 and then subsequently block all ipv6 with policy control rules?
would there be any disadvantage doing so?
again, i have no need for ipv6...

All Replies

Security Highlight