IPv6 Neighbor Discovery Proxy

IPv6 Neighbor Discovery Proxy

This feature provides support for proxying the IPv6 Neighbor Discovery (ND) protocol to allow the forwarding of the following ICMP messages between upstream and downstream interfaces:

l Router Advertisement (RA) l Neighbor Solicitation (NS) l Neighbor Advertisement (NA) l Router Solicitation (RS) l Redirect

The Neighbor Discovery (ND) protocol is used to discover the Link Layer address of IPv6 destinations. In IPv4, this is achieved by using ARP.

Configure ND Proxy in the CLI using the following syntax:

config system nd-proxy set status {enable|disable}

set member <interface> <interface> [<interface>…] end

Option Description
status Enable/disable the use of neighbor discovery proxy
member List of interfaces using the neighbor discovery proxy


An example of a configuration can be found in the IPv6 Configuration section under IPv6 Neighbor Discovery Proxy on page 164

This entry was posted in Administration Guides, FortiGate, FortiOS 6 on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.