
I have a Cisco ASA 5510, running ASA software version 9.1(7)16 on an IPv6 LAN.

I want to enable SSH access, but I'm running up against the following warning:

    ciscoasa(config)# show ipv6 interface management
      IPv6 is enabled, link-local address is fe80::21d:a2ff:fe59:4b97
        No global unicast address is configured
        Joined group address(es):
          ff02::2
          ff02::1
          ff02::1:ff59:4b97
      ICMP error messages limited to one every 100 milliseconds
      ICMP redirects are enabled
      ND DAD is enabled, number of DAD attempts: 1
      ND reachable time is 30000 milliseconds
      ND advertised reachable time is 0 milliseconds
      ND advertised retransmit interval is 1000 milliseconds
      ND router advertisements are sent every 200 seconds
      ND router advertisements live for 1800 seconds
      Hosts use stateless autoconfig for addresses.
    ciscoasa(config)# ssh fe80::/64 management
    WARNING! This command will not take effect until interface 'management' has been initialized with at least one global IPv6 address
    ciscoasa(config)#

(SSH connections to this address fail, although when I configured and tested an IPv4 address, it was able to connect.)

So, my question is: what do I need to do to allow SSH connections to my ASA 5510's link-local IPv6 address?

I don't care if I have to e.g., set up a dummy address in the "Documentation Only" IPv6 range to get it to fire up the SSH IPv6 stack, or statically assign the link-local address, or what: I just need to be able to access it on the same subnet as the rest of the devices in this environment.

1 Answer

  1. Hopefully obviously, the interface needs to be enabled for IPv6:

    ipv6 enable
    
  2. A static IPv6 address needs to be configured on the interface. This static address can be a documentation (RFC 3849) address, or a statically assigned link-local address, or a public address (even if not publicly routable):

    ipv6 address 2001:db8::/32
    
shouldbeq931
  • Argh; what a ridiculous workaround. (I'm glad it works, though; and thank you for sharing!) Is there no "proper" way to do this? Is this dummy address the only way to proceed? – JamesTheAwesomeDude Aug 08 '17 at 18:29
  • Wouldn't it be better to use a ULA address like fdab:abf2:00b7::1 for this? – kasperd Nov 24 '17 at 00:31