diff --git a/roles/overcloud-prep-config/defaults/main.yml b/roles/overcloud-prep-config/defaults/main.yml
index 4ffb99a4a..96deac739 100644
--- a/roles/overcloud-prep-config/defaults/main.yml
+++ b/roles/overcloud-prep-config/defaults/main.yml
@@ -5,7 +5,8 @@ network_isolation_type: single-nic-vlans # multiple-nics, bond-with-vlans, publi
 network_environment_file: network-environment.yaml.j2
 
 external_network_cidr: 192.168.23.0/24
-undercloud_external_network_cidr: 10.0.0.1/24
+undercloud_external_network_cidr: >-
+  {%- if overcloud_ipv6|bool %}2001:db8:fd00:1000::/64{% else %}10.0.0.1/24{% endif -%}
 overcloud_dns_servers: [ '{{ external_network_cidr|nthhost(1) }}' ]
 
 overcloud_public_vip: "{{ undercloud_external_network_cidr|nthhost(5) }}"
diff --git a/roles/overcloud-prep-network/templates/overcloud-prep-network.sh.j2 b/roles/overcloud-prep-network/templates/overcloud-prep-network.sh.j2
index 5a0bb70ab..7e0f3479a 100644
--- a/roles/overcloud-prep-network/templates/overcloud-prep-network.sh.j2
+++ b/roles/overcloud-prep-network/templates/overcloud-prep-network.sh.j2
@@ -14,7 +14,7 @@ set -eux
 
 source {{ working_dir }}/stackrc
 
-{% if overcloud_nodes is defined and overcloud_nodes %}
+{% if overcloud_nodes is defined and overcloud_nodes and not overcloud_ipv6|bool %}
 FENCING_RULE="-m udp -p udp -m multiport --dports {% for node in overcloud_nodes %}{{ node.virtualbmc_port }}{% if not loop.last %},{% endif %}{% endfor %} -m state --state NEW"
 COMMENT="fencing_access_from_overcloud"
 if ! sudo iptables -nvL INPUT | grep "$COMMENT"; then
@@ -23,7 +23,7 @@ if ! sudo iptables -nvL INPUT | grep "$COMMENT"; then
 fi
 {% endif %}
 
-{% if network_isolation|bool %}
+{% if network_isolation|bool and not overcloud_ipv6|bool %}
 
 ## Setup Networking
 ## ----------------
diff --git a/roles/overcloud-ssl/templates/overcloud-create-ssl-cert.sh.j2 b/roles/overcloud-ssl/templates/overcloud-create-ssl-cert.sh.j2
index a3a06d818..0dc910538 100755
--- a/roles/overcloud-ssl/templates/overcloud-create-ssl-cert.sh.j2
+++ b/roles/overcloud-ssl/templates/overcloud-create-ssl-cert.sh.j2
@@ -29,7 +29,7 @@ sudo update-ca-trust extract
 ##   public VIP
 ## ::
 
-{% set _vip = overcloud_public_vip if not overcloud_ipv6|bool else overcloud_public_vip6 %}
+{% set _vip = overcloud_public_vip %}
 
 openssl req -newkey rsa:2048 -days 365 \
     -nodes -keyout {{ working_dir }}/server-key.pem \