Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The system must be configured with a default gateway for IPv6 if the system uses IPv6, unless the system is a router.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| GEN005570-ESXI5-000115 | GEN005570-ESXI5-000115 | GEN005570-ESXI5-000115_rule | Medium |
| Description |
|---|
| If a system has no default gateway defined, the system is at increased risk of man-in-the-middle, monitoring, and Denial-of-Service attacks. NOTE that IPv6 is not enabled by default. |
| STIG | Date |
|---|---|
| VMware ESXi v5 Security Technical Implementation Guide | 2013-01-15 |
Details
| Check Text ( C-GEN005570-ESXI5-000115_chk ) |
|---|
| If the system does not use IPv6, this check is not applicable. From the vSphere Client/vCenter; click on the "Configuration" tab, click on "Networking"; click on "Standard Switch/Properties"; click on "Management NetworkProperties/Edit/IP Settings" and click "Cancel". If the "VMkernel Default Gateway" field is not initialized (valid IP address is required), this is a finding. |
| Fix Text (F-GEN005570-ESXI5-000115_fix) |
|---|
| The following fix text applies only if the system uses IPv6. From the vSphere Client/vCenter; click on the "Configuration" tab; click on "Networking"; click on "Standard Switch/Properties"; click on "Management NetworkProperties/Edit/IP Settings". Select "Use the following IP settings"; fill in the field(s) (at a minimum, the default gateway IP Address is required) per the local site requirements and click "OK". |