UCF STIG Viewer Logo

The network device must block IPv6 multicast addresses used as a source address.


Overview

Finding ID Version Rule ID IA Controls Severity
V-14697 NET-IPV6-029 SV-15407r3_rule Medium
Description
IPv6 multicast addresses should never be a source address. They should only be destination addresses.
STIG Date
Perimeter L3 Switch Security Technical Implementation Guide - Cisco 2018-11-28

Details

Check Text ( C-12874r2_chk )
Review the perimeter router configuration to ensure filters are in place to restrict the IP addresses. Verify that ingress and egress ACLs for IPv6 have been defined to deny the multicast source addresses and log all violations.
Fix Text (F-14162r2_fix)
Configure the perimeter router access control lists to deny any IPv6 multicast address used as a source address.