I have the same question. Ulrich explains a little in this thread https://community.sophos.com/products/unified-threat-management/astaroorg/f/102/t/69689. You are trying opposite of what I am trying which is catch ipv6 and bypass/ignore ipv4. You are doing it differently by saying just let my PC with ipv6 use proxy in the global --> allowed networks list.
I believe that this is a bug on how the proxy handles a single device for ipv4/ipv6 handling. If you use bypass all ipv6, in http proxy -->advanced -->bypass proxy, everything works as expected. Its when you want granular control and want just a single device to use ipv6, it fails. So in your case if you put your whole network (ipv6) in global --> allowed networks it will work. I know that is not what you want to do, you just want a single PC with ipv6 to have access[;)]
Hi Billybob, So, if I understand you correctly you are saying if I put the entire network in the allowed list then the http profiles should manage access?
I had to put the network in both the allowed list and the profile. That defeats the purpose of having http proxy profiles.
I put the IPv6 address of the ASG in the web browser proxy config, while I could not ping or tracert the ASG would provide DNS resolution, but the w7 PC would not resolve ww.sixxs.net using nslookup.
An interesting point, all the open web sessions stayed open even after I changed the ASG to use only the IPv6 address for my PC. If you stopped and tried to reconnect the connection timed out., this includes audio streaming.
I now consider this a bug.
Ian M
Maybe a work around, create a number of sub-nets on each interface and put them in the profiles making sure the appropriate PCs/workstations are in the correct sub-net. I know, okay for a small site, but not much use for a larger site and no use for sso etc.
I expect there is another issue and that is the http proxy is not aware of the sixxs tunnel.
Anyway none of my attempts to use IPv6 through the http proxy are reported in the stats. Still looking
I had to put the network in both the allowed list and the profile. That defeats the purpose of having http proxy profiles.
I put the IPv6 address of the ASG in the web browser proxy config, while I could not ping or tracert the ASG would provide DNS resolution, but the w7 PC would not resolve ww.sixxs.net using nslookup.
An interesting point, all the open web sessions stayed open even after I changed the ASG to use only the IPv6 address for my PC. If you stopped and tried to reconnect the connection timed out., this includes audio streaming.
I now consider this a bug.
Ian M
Maybe a work around, create a number of sub-nets on each interface and put them in the profiles making sure the appropriate PCs/workstations are in the correct sub-net. I know, okay for a small site, but not much use for a larger site and no use for sso etc.
I expect there is another issue and that is the http proxy is not aware of the sixxs tunnel.
Anyway none of my attempts to use IPv6 through the http proxy are reported in the stats. Still looking
