Noob here to ask : Idea about Setup IPv6 Tunnel through Local IPv4 network



  • Noob here again 😆

    I have successfully setup an pfsense as 2nd router behind an Openwrt(connected to my ISP Fiber GW in br mode)with LAN area and WAN interface can get IPv6 address and access internet.

    BTW, ISP use PPPOE connection and provide dynamic /60 prefix delegation to user.

    So here is what i'm thinking: I have another Ethernet Cable connect to a local network which also the network my office is using right now.

    If I can setup some kind of IPv6-IPv4 tunnel, I can make my office computer using my ISP's IPv6 access.(Cause office network upstream ISP have no IPv6)

    Problem is : Which way should I choose? I google about his problem , some answer about using OpenVPN with static prefix configuration,(which I dont have static) or setup ISATAP router on Windows Server(which I dont have too).

    So any idea about how to do this ?My only resource here is Openwrt and pfSense and an ancient Acer notebook

    QAQ



  • The easiest way would be to set up a tunnel using a provider such as he.net, to the office network.



  • @jknott

    I know that is the most easiest way, but my office network behind firewall/multi switches/VLANs , and I dont have manage access to these devices...

    The only access now is my office computer and home router...



  • My situation is the other way around.
    My home setup is an ordinary ISP router, using an IPv4 only ISP.
    My office uses pfSense, situated begin the same ISP, using the same router, also : only IPv4.

    But, because I use pfSense at the Office, I've set up he.net and I used their /56 to attribute full IPv6 on my office LAN's.
    I also setup a VPN server "road warrior" access on my pfSense using both IPv4 and IPv6.

    Now, when I start the VPN access to my Office from Home, I have full IPv6 access at home.

    0_1540955220320_bf88f9ad-3de9-4740-9657-b41cbe55e499-image.png

    0_1540955485234_b60fdb59-5779-48f0-afd8-5080b2b2300d-image.png

    Btw : the /56 and /64 he.net never change as long as you keep your account. The WAN IP4 on both Home or Office can change any time, my tunnel always works, using the same IPv6 prefix for years now.



  • @gertjan

    Hi there,

    I configured a "road warrior" IPSec VPN on the pfsense follow official document

    And the when I use home windows connect pfsense use "Sherw Soft VPN Client", it only get an IPv4 address(Which is set in IPSec configure "Provide Virtual IP"), and cant get access to outside world

    anything can share about configurationHOW TO let remote client get IPv6 address ? I'm totally confused by the IPSec config...



  • IPSec ?
    I choose OpenVPN because it can handle IPv6 through the tunnel.



  • @gertjan

    Ah,,,, I thought you choose IPSec

    Seems that OpenVPN can't handle dynamic prefix delegation , which will be support at 2.5 in the future.My network environment will be a big problem...