I have a Cisco ASA 5510, running ASA software version 9.1(7)16 on an IPv6 LAN.

I want to enable SSH access, but I'm running up against the following warning:

    ciscoasa(config)# show ipv6 interface management
    IPv6 is enabled, link-local address is fe80::21d:a2ff:fe59:4b97
    No global unicast address is configured
    Joined group address(es):
      ff02::2
      ff02::1
      ff02::1:ff59:4b97
    ICMP error messages limited to one every 100 milliseconds
    ICMP redirects are enabled
    ND DAD is enabled, number of DAD attempts: 1
    ND reachable time is 30000 milliseconds
    ND advertised reachable time is 0 milliseconds
    ND advertised retransmit interval is 1000 milliseconds
    ND router advertisements are sent every 200 seconds
    ND router advertisements live for 1800 seconds
    Hosts use stateless autoconfig for addresses.
    ciscoasa(config)# ssh fe80::/64 management
    WARNING! This command will not take effect until interface 'management' has been initialized with at least one global IPv6 address
    ciscoasa(config)#

(SSH connections to this address fail, although when I configured and tested an IPv4 address, it was able to connect)

So, my question is: what do I need to do to allow SSH connections to my ASA 5510's link-local IPv6 address?

I don't care if I have to e.g., set up a dummy address in the "Documentation Only" IPv6 range to get it to fire up the SSH IPv6 stack, or statically assign the link-local address, or what: I just need to be able to access it on the same subnet as the rest of the devices in this environment.

1 Answer

  1. Hopefully obviously, the interface needs to be enabled for IPv6

    ipv6 enable 
  2. A static IPv6 address needs to be configured on the interface. This static address can be a documentation (RFC 3849) address, or a statically assigned link-local address, or a public address (even if not publicly routable).

    ipv6 address 2001:db8::/32 
  • Argh; what a ridiculous workaround. (I'm glad it works, though; and thank you for sharing!) Is there no "proper" way to do this? Is this dummy address the only way to proceed? Commented Aug 8, 2017 at 18:29
  • Wouldn't it be better to use a ULA address like fdab:abf2:00b7::1 for this? Commented Nov 24, 2017 at 0:31
