PDA

View Full Version : Unable to connect to the SLES dual stack box over ipv6



maheshcamath
19-Sep-2013, 07:31
We recently moved to sles11 sp3.

With SLES 11 sp3 having IPv4 and IPV6 addresses, attempted to access my web application (worked fine in sles 10) over https using a browser using IPV4 address. It works.

However, if attempt the same using IPv6, it doesn't work.

Existing firewall configuration:
----------------------------
We have https (port# 443) enabled to access the web applicaiton.

In /etc/sysconfig/SuSEfirewall2, we have the following entry to redirect the 443 traffic to an internal port.
FW_REDIRECT="0/0,127.0.0.1/0,tcp,443,49881"

ip6tables entry is as good as it appears in iptables (ipv4 entry).

ping6 works fine.

Should I do any additional things here to set the redirection for IPv6?

smflood
19-Sep-2013, 11:38
On 19/09/2013 07:34, maheshcamath wrote:

> We recently moved to sles11 sp3.
>
> With SLES 11 sp3 having IPv4 and IPV6 addresses, attempted to access my
> web application (worked fine in sles 10) over https using a browser
> using IPV4 address. It works.
>
> However, if attempt the same using IPv6, it doesn't work.
>
>
> Existing firewall configuration:
>
> We have https (port# 443) enabled to access the web applicaiton.
>
> In /etc/sysconfig/SuSEfirewall2, we have the following entry to redirect
> the 443 traffic to an internal port.
> FW_REDIRECT="0/0,127.0.0.1/0,tcp,443,49881"
>
> ip6tables entry is as good as it appears in iptables (ipv4 entry).
>
> Should I do any additional things here to set the redirection for IPv6?

How are you serving your web application? Via Apache perhaps? If so, is
Apache configured to listen on the IPv4 and/or IPv6 address? You can use
"grep Listen /etc/apache2/listen.conf" to see. If you have "Listen
<ipaddress>:80" then Apache will only listen on port 80 for that
particular IP address - if you want Apache to listen on all IP addresses
use "Listen *:80".

HTH.
--
Simon
SUSE Knowledge Partner

------------------------------------------------------------------------
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below. Thanks.
------------------------------------------------------------------------