HE Tunnelbroker pfSense IPv6 Issue
-
Just to add, I am also able to ping ipv6.google.com from my PC using command prompt.
-
Post your LAN rules, we can't make heads or tails of what's actually going on if we can't see the rules.
You could also just allow all IPv6 in on the LAN interface for now and it would rule out problems with your LAN rules.
Also post your interface setups including the GIF interface setup, the setup of the OPT interface that acts as your IPv6 WAN and your LAN interface setup.
-
If your HE tunnel was setup it would show you coming form HE.. Not some isp..
-
Cheers for the replies, much appreciated.
Right, I've attached a load of images of my setup in the hope someone can point me in the right direction. I've probably done something really dumb! The image titles say what they are.
Many thanks
-
Where is your gif interface for your tunnel?
I assume those pings your allowing if from HE IPs? Haven't bothered to lookup those source IPs you have limited it too.
Your gif or tunnel is going to be a 1 off from your /64 they give you..
-
Attached is my gif interface details. I also added an image of an option to use ipv4 connectivity as parent interface, does the box need to be checked on this option?
-
Does your gateway come up?
-
Yes it does, but the initial WAN setup for PPPOE, before I started messing around with my ipv6 tunnel details has gone offline, should it do that? (see image)
I've also attached images of my HE tunnel, and the interfaces on the pfsense dashboard, didn't know if they might highlight anything unusual.
-
So you have 1f08 prefix on your tunnel and the 1f09 prefix on your lan right?
Can your lan client ping the 1f09 ::1 address? What IP did you give your client.. What is the ipconfig /all of your client on your lan?
Curious to see your full ipconfig /all from your client… Windows like to use teredo and 6to4 and isatap... Curious if your seeing address there.. I have all those transition technologies disabled and only the clean dualstack running.
-
Cheers for helping out so much John, hopefully we can get there in the end!
Ok, just so you know I've created a new HE tunnel and provided an image of it. On top of that I've tried to build my tunnel again but still having connectivity issues with ipv6 sites. I've attached images of my wan, lan and tunnel interfaces, perhaps you can have a look and see if you notice anything out of place.
I've also ping tested ::1 address from my client with results shown in the image.
Ipconfig /all results shown on last 3 attached images.
Please let me know if you notice anything out of place.
Many thanks.
-
Why is your IPv6 address on your LAN interface not finished?
Give a number on the end ::1 or ::254 something!!
Looks like your pinging the far end of the tunnel. But you seem to have some other addresses on there on your lan. And you don't have a IPv6 dns setup and or global gateway.. If your going t set static then set that up…
Once you have that working, then you can worry about dhcp or autoipv6 addresses via RA, etc.
-
I really appreciate your help John.
With regards to your comments about ipv6 dns and / or global gateway setup, I can't find any reference to these in the guide, so probably the reason why they aren't setup.
I've just hooked up my Asus AC86U to my modem, bypassed my pfsense device, and configured my HE tunnel on the AC86U and I've got ipv6 connectivity straight away. I know I've followed the pfsense guide for setting up an HE tunnel on my pfsense as accurately as I can, but for some reason it just won't work. I don't see why it's so easy to setup on my AC86U yet so difficult on pfsense., it's certainly beaten me.
As I said before it's not important for me to get up and running, just would have been nice to have it, so I'm going to leave it for now. Perhaps when I have more time I'll rebuild pfsense and try again then, perhaps my initial setup wasn't correct.
Thanks again for all your help, I do appreciate your efforts.
