Manually configuring static IPv6 addresses on a firewall's management (MGT) interface can be time-consuming and complex, especially in large, dynamic network environments. To solve this, your Next-Generation Firewall (NGFW) now supports dynamic IPv6 address assignment on its management (MGT) interface. This makes it easier to insert and manage the firewall in an IPv6 network.

The firewall's MGT interface can dynamically receive its IPv6 address from a stateful DHCPv6 client or an IPv6 stateless address autoconfiguration (SLAAC) client. A stateful client receives its address and configuration information from a DHCPv6 server. A stateless client, on the other hand, automatically generates its own address. This is especially helpful in environments with a large number of endpoints because it avoids the need for a DHCPv6 server to store dynamic state information about each client.

The firewall can also dynamically learn its default gateway from the router’s Router Advertisement (RA) message. This option is available even when you configure a static IPv6 address on the MGT interface. This new flexibility allows you to choose from various combinations for the MGT interface and its default gateway, including both static and dynamic address assignments.