Firewall requirements for coexisting with Teredo

Article ID: 968510 – Last Review: March 3, 2009 – Revision: 1.0

Firewall requirements for coexisting with Teredo

Source: Microsoft Support

RAPID PUBLISHING

RAPID PUBLISHING ARTICLES PROVIDE INFORMATION DIRECTLY FROM WITHIN THE MICROSOFT SUPPORT ORGANIZATION. THE INFORMATION CONTAINED HEREIN IS CREATED IN RESPONSE TO EMERGING OR UNIQUE TOPICS, OR IS INTENDED SUPPLEMENT OTHER KNOWLEDGE BASE INFORMATION.

Symptoms

This article discusses the Firewall application requirements necessary for Toredo to coexist with those firewalls on a Windows operating system-based computer.

More Information

In order for client firewalls to coexist with Teredo, the firewalls must follow the guidelines listed below.

 

 

1. The client firewall must allow resolution of teredo.IPv6.microsoft.com.

2. The client firewall must exempt UDP IPv4 traffic to/ from remote UDP port 3544.

        a. Port 3544 allows the client to communicate to the Teredo Server.

3. Client firewalls must support the following ICMPv6 error messages & discovery functions:

        a. ICMPv6 Neighbor Solicitation / Neighbor Advertisement

                1. The codes for these are 135 and 136

        b. ICMPv6 Echo Request/ Reply

                1. The codes for these are 128 and 129

        c. Packet Too Big

                1. The code for this is 2

        d. Parameter Problem

                1. The code for this  is 4

        e. Time Exceeded

                1. The codes for this is 3

        f. Destination Unreachable

                1. The code for this is 1

 

Note:  If the above ICMPv6 messages cannot be specifically allowed, then the exemption of all ICMPv6 messages should be enabled on the firewall

 

4. The client firewall should allow the system to send and receive UDP/IPv4 packets to UDP port 1900 

        a. Port 1900 allows UPnP discovery traffic to flow, and while is not necessary, will improve connectivity rates.

 

To troubleshoot if you are having a Teredo problem, please run the command from a command prompt:

netsh int teredo show state

 

Review the “State field in the Teredo parameters using the command above and do the following:

·         If the Teredo State is offline then follow steps 1, 2 and 3 above

·         If the Teredo State is dormant or qualified, then do step 3 only

 

Note: Perform step 4 to achieve best performance.

 

For more information on Teredo please refer to the following article below

http://www.microsoft.com/technet/network/ipv6/teredo.mspx (http://www.microsoft.com/technet/network/ipv6/teredo.mspx)

 

Note: Windows XP SP1 must have the Advanced Networking Pack for Windows XP (http://www.microsoft.com/downloads/details.aspx?familyid=E88CC382-8CE6-4739-97C0-1A52A6F005E4&displaylang=en) installed

 

 

 

DISCLAIMER

MICROSOFT AND/OR ITS SUPPLIERS MAKE NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY, RELIABILITY OR ACCURACY OF THE INFORMATION CONTAINED IN THE DOCUMENTS AND RELATED GRAPHICS PUBLISHED ON THIS WEBSITE (THE “MATERIALS”) FOR ANY PURPOSE. THE MATERIALS MAY INCLUDE TECHNICAL INACCURACIES OR TYPOGRAPHICAL ERRORS AND MAY BE REVISED AT ANY TIME WITHOUT NOTICE.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, MICROSOFT AND/OR ITS SUPPLIERS DISCLAIM AND EXCLUDE ALL REPRESENTATIONS, WARRANTIES, AND CONDITIONS WHETHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING BUT NOT LIMITED TO REPRESENTATIONS, WARRANTIES, OR CONDITIONS OF TITLE, NON INFRINGEMENT, SATISFACTORY CONDITION OR QUALITY, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, WITH RESPECT TO THE MATERIALS.


APPLIES TO
  • Microsoft Windows XP Service Pack 1
  • Microsoft Windows XP Service Pack 2
  • Microsoft Windows XP Service Pack 3
  • Microsoft Windows Server 2003 Service Pack 1
  • Microsoft Windows Server 2003 Service Pack 2
  • Windows Vista Home Basic
  • Windows Vista Home Premium
  • Windows Vista Business
  • Windows Vista Enterprise
  • Windows Vista Ultimate
  • Windows Server 2008 Standard
  • Windows Server 2008 Enterprise
  • Windows Server 2008 Datacenter
Keywords: 
kbnomt kbrapidpub KB968510

 

Microsoft Knowledge Base Article

This article contents is Microsoft Copyrighted material.
Microsoft Corporation. All rights reserved. Terms of Use | Trademarks


You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

AddThis Social Bookmark Button

Leave a Reply

*
To prove that you're not a bot, enter this code
Anti-Spam Image