Static IPv6 on WAN+LAN with /63 ISP - LAN to WAN not working
-
Hello all,
I am not able to access WAN from LAN with my /63 assignment from ISP. I can ping the GW from WAN, but not LAN.
Assignment:
Network: 2606:1420:500:4::1/63 GW: 2606:1420:500:4::1 WAN: 2606:1420:500:4::2/64 LAN: 2606:1420:500:5::1/64My pfsense settings:
WAN: - Static IPv6: 2606:1420:500:4::2/64 - Gateway: 2606:1420:500:4::1 LAN: - Static IPv6: 2606:1420:500:5::1/64 - Gateway: NoneI have the following:
- DHCPv6 and RA working fine. I get IP assignments in my LAN subnet:
2606:1420:500:5::1/64. - I can ping and access all LAN machine to machine IPv6.
- I can ping WAN IP (
2606:1420:500:4::2) from LAN - I can ssh into pfsense and ping external IP such as cloudflare (
2606:4700:4700::1111) as well as ping the Gateway (2606:1420:500:4::1).
I cannot:
- I cannot ping GW IP
(2606:1420:500:4::1) from LAN - I cannot access any IP outside on the internet such as cloudflare
Firewall rules and other settings:
- Allow IPv6 LAN subnet to any is set as default by pfsense (same as IPv4)
- I have set Allow IPv6 checkbox in Advanced Settings > General.
- Default Ipv6 Gateway in System > Routes is set to
WANGWv6which is2606:1420:500:4::1. It's not set to automatic.
For some reason LAN traffic is not going through the gateway at all. Any ideas?
- DHCPv6 and RA working fine. I get IP assignments in my LAN subnet:
-
@snipleeagle8 said in Static IPv6 on WAN+LAN with /63 ISP - LAN to WAN not working:
GW: 2606:1420:500:4::1
Normally, the link local address is used for the gateway. What does your ISP say to use? Did you manually configure that? It normally gets populated automagically by DHCPv6.
-
@JKnott ISP just gave me static IPv6 allocation and configuration including the gateway. There is no DHCP on WAN side.
-
@snipleeagle8 said in Static IPv6 on WAN+LAN with /63 ISP - LAN to WAN not working:
Gateway: None
That might have something to do with it.
The devices on your LAN also need a gateway, typically the pfSense box link local address. This is normally provided by SLAAC or DHCPv6. How is your system configured. -
@JKnott Interesting. How do I set that?
This is my current LAN setting:
/Users/neil/Library/Mobile Documents/com~apple~CloudDocs/Screenshots/CleanShot 2024-09-03 at 12.55.51@2x.pngI can click add gateway, but not sure where to find the local link address:
/Users/neil/Library/Mobile Documents/com~apple~CloudDocs/Screenshots/CleanShot 2024-09-03 at 12.56.40@2x.png -
As I mentioned, it normally happens with SLAAC in the router advertisements. I have never used DHCPv6 on the LAN side, but I expect it would be the same. Are you using SLAAC or DHCPv6?
Can you do a packet capture, filtering on ICMPv6, and post the capture file here?
