I finally got an IPv6 tunnel going on my Netscreen SSG 5. So I thought I'd post the relevant configuration details here.
I'm currently running ScreenOS 5.4.0r3a0; there seems to be some WebUI bugs with IPv6 so it is best to do it via the command line.
Update: I just got a response back from JTAC. IPv6 is only supported on the ISG2000. So I'm unsure when/if it the WebUI bugs will be fixed.
Update2: IPv6 is now supported on the SSG 5 under screenos 6, the WEBUI bug has been fixed.
Background info:
The first step is to enable IPv6 on your Netscreen.
Type the following then save your config and restart the device:
Now let's setup the trust interface:
So we've setup my trust interface with the IPv6 subnet and autoconfiguration should be working.
Now let's setup a tunnel interface for the traffic to run through:
Now we'll setup a static route for IPv6 traffic to go through:
And finally we need to setup a policy to allow traffic out:
You may want to setup some policies to allow traffic in too.
That should be all you need to do.
HTML allowed: <a href="" title="" rel=""></a> <b></b> <blockquote cite=""></blockquote> <em></em> <i></i> <strike></strike> <strong></strong> <li></li> <ol></ol> <ul></ul>
ie: <b>bold</b>
Your comment may need to be reviewed before it is published.