4. PfSense not responding to IPv6 Ping

PfSense not responding to IPv6 Ping

  • I

    Having trouble getting my pfSense install to respond to pings. It will respond on it's IPv4 address, but not IPv6. I can browse to IPv6 websites fine, and connect back to the routers web interface using IPv6 web proxies, but not ping. Anybody have any ideas? I'm not a pfSense or Firewalling newbie but I cannot figure it out. Thanks in advance.

    0
  • C

    Respond from where? Assuming you're showing your HE.net tunnel there, that rule will only allow pinging from the Internet.

    0
  • Rebel Alliance Developer Netgate

    If you do a traceroute6 from another host in, using icmp, how far does it get?

    That first rule for ICMP should be allowing it, does it show as blocked in your firewall logs?

    If so, click the 'x' and see what rule did the blocking, and show the log entry here.

    0
  • I

    Thanks guys. I completely disabled the firewall in pfSense, still could not ping the gateway from an outside IPv6 address.

    I did a traceroute from an outside website: http://www.subnetonline.com/pages/ipv6-network-tools/online-ipv6-traceroute.php

    The results are as follows:

    TraceRoute IPv6 Output:
    traceroute to www.t********r.com (2001:470:c:132c::2), 30 hops max, 40 byte packets
    1  2a02:348:82::1 (2a02:348:82::1)  0.199 ms  0.226 ms  0.251 ms
    xl-internetservices.nl.ip6.jointtransit.nl (2a02:10:0:1::e:3)  0.961 ms  0.980 ms  2.253 ms
    hurricane-electric.nikhef.nlsix.net (2001:7f8:13::a500:6939:1)  6.407 ms  6.205 ms  6.441 ms
    10gigabitethernet1-4.core1.lon1.he.net (2001:470:0:3f::1)  14.631 ms  15.022 ms  14.868 ms
    10gigabitethernet7-4.core1.nyc4.he.net (2001:470:0:128::1)  75.466 ms  74.583 ms  74.565 ms
    10gigabitethernet5-3.core1.lax1.he.net (2001:470:0:10e::1)  136.581 ms  136.629 ms  135.161 ms
    ordns.he.net (2001:470:20::2)  145.481 ms  139.272 ms  142.351 ms
    8  * * *
    9  * * *
    10  * * *
    11  * * *
    12  * * *
    13  * * *
    14  * * *
    15  * * *
    16  * * *
    17  * * *
    18  * * *
    19  * * *
    20  * * *
    21  * * *
    22  * * *
    23  * * *
    24  * * *
    25  * * *
    26  * * *
    27  * * *
    28  * * *
    29  * * *
    30  * * *

    Finished!

    I cannot figure this out!

    0
  • I

    I found a partial solution to the problem: If I ping the IPv6 address directly, it works fine. If I ping the domain name, it doesn't work even though I have AAAA addresses setup for the domain going to the same IP as I am pinging.

    0
  • I

    To update this:

    I think it ended up being the IPv6 Ping website I was using located in Denmark. I've since tried other ones and the ping seems to be working correctly.

    Thank you for your responses.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy