PfSense - Hurricane Electric - Tunnel Broker Setup
-
You don't want it on the LAN?
Is your client ipv4 address in HE matching your WAN IP?
I gave /64 to each physical interface (except WAN) and each openvpn interface for myself.
We just need to get the tunnel and it's assigned interface up so he can ping his ::1 at hurricane. Then we can dole out /64s out of his shiny new /48 to his local interfaces.
-
on the gateway you have as HEIPV6_TUNNELV6 change the address from dynamic to your interface ::1
received an error…
-
What did you do on the interface then? Needs to be the ::2 /64
-
-
That shouldn't be complaining.
Is the tunnel up? Can you ping6 your ::1? It'll only work from pfSense itself.
-
Back in 45 minutes. Gotta roll.
-
That shouldn't be complaining.
Is the tunnel up? Can you ping6 your ::1? It'll only work from pfSense itself.
-
In System: Gateways: Edit gateway > gateway, I have no IP. Its set to dynamic
In my HE IPV6 interface, I have none and none for my IPv4 and IPV6 configuration.
I'm still interested to know… Is the client IP at the HE website the same as your current WAN IP?
-
In System: Gateways: Edit gateway > gateway, I have no IP. Its set to dynamic
In my HE IPV6 interface, I have none and none for my IPv4 and IPV6 configuration.
I'm still interested to know… Is the client IP at the HE website the same as your current WAN IP?
Yes, the HE client ipv4 address is my WAN ipv4 address.
-
Reboot and see if things change/
-
-
Mine is also a /48 - Never did a /64
I also have RADVD configured.
-
You still can't set the gateway to 2001:470:1f0e:d8e::1 ?
If not something is confused. Maybe delete the IPv6 interface and reconfig it or maybe restart.
-
Mine is also a /48 - Never did a /64
I also have RADVD configured.
I think it's automatic. I have a /64 I'm not using and can't give back. I figure he might as well config a /48 from the get-go. It don't cost nothin'.
-
Hmm. I can't create a gateway for my ::3. Same error. Time to do a little github diffing. The only address the gui will take is ::2, which is my interface address.
-
You still can't set the gateway to 2001:470:1f0e:d8e::1 ?
If not something is confused. Maybe delete the IPv6 interface and reconfig it or maybe restart.
no same error as before…
-
Hmm. I can't create a gateway for my ::3. Same error. Time to do a little github diffing. The only address the gui will take is ::2, which is my interface address.
ok, I have to get some sleep now. if you have some new ideas, shoot them over and I will try in the morning.
thanks for everyones time!
-
Roger that. If I had more public IPs I'd get another tunnel. I think there might be something wrong with that IPv6 gateway config page and its logic in determining the subnet of the interface. Not sure yet.
-
There are a few possibilities. Who is your ISP?
I am looking this over.
-
My IPv6 interface is 2001:470:x:67::2/64
My IPv6 Gateway is 2001:470:x:67::1
If I try to define another gateway of 2001:470:x:67::3 I get:
The following input errors were detected:
The gateway address 2001:470:x:67::3 does not lie within one of the chosen interface's subnets.
