In this post I will explain & show issues to be aware with PAN-OS & IPv6.
1st, ICMPv6 RA support low/medimu/high router preferences. This is good since my experience with cisco ASA, Fortinet Fortigate , and Juniper SRX show this not available feature
The Low/Medium/High are case sensitive
This feature helps if you have multiple RT-advertisers and need a redundant ipv6 next-hop gateway
2nd, the loopback address requires a /128 mask ( this sucks ) or you must specify no-mask.
3rd, OSPFv3 is well supported. So now we can authenticate OSPFv3 with other OSPFv3 routers.
4th, you can src SYSLOG with ipv6-src address. So if you have a syslog that listens on a ipv6 interface, you can send logs via the management interface or any layer3 by using a service route
5th, you can backup the configuration to a ipv6 host
These are some of the based items I've notices in PAN-OS v7 & with regard to ipv6.
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
=( @ @ )=