In my firewall I did not enabled the ipv6 to any port. But still firewall releasing the ipv6 IP address to the devices like Mobiles and IPV6 enabled systems. I am unable to trace where it is releasing and why. Could you please any one help in this regard.
Make sure you also didn't configure IPv6 DHCP server on the XG. Also, how are you checking if the XG is the one providing the IP?
Thank you for contacting the Sophos Community!
Try following this KB on how to capture ipv6 traffic on the XG. It should help you identify where the traffic is coming from.
Thank you for your reply, I am find the same but I would like to stop the lan traffic, like IPv6 intra network traffic should be not occurred in any manner.
Thanks n Regards,
DHCPv6 server --> No DHCPv6 sever configuredIPv6 RA --> Nothing was there
Yes, but is the dhcp6 service running?
DHCP Showing as running. There is no DHCP6 option to see there. One more option is sowing DHCPv6 Server and the status is as No DHCPv6 sever configured
So, all this points to something outside of your XG is broadcasting link local addresses. These should all be dropped in there firewall because it does not know how to process them.v6 traffic though it?
Thank god, Finally you understand my issue and near to the solution. Now, how we will stop this through firewall. Could you please any one help on this regard.
Now, you need to remove each device from your network until the issue stops. Further you need to examine every devices network configuration to determine which on is using IPv6 link local addressing.
I know that. It is an example to better understand only, easy to stop at water tank level instead of every and each water tap. Can we do like that from the firewall instead of each device?
Sure, you can look at the reports then check the MAC address against your dhcp server.
You are already said ff02::1 is nothing but XG. But nothing in my XG, I troubleshooted the maximum ways and followed your suggestions/instructions too. Then how to trace in my XG? It is again coming to the 1st question.
You haven’t checked logviewer for Mac addresses and then compared them to your dhcp server.