IPv6 to PFsense Lan behind Fritz!Box 6360
-
Well, thank you for the response/info anyway.
My questions have been answered, my current setup can not be solved at this stage for this network setup.
So options are to somehow get FB out of the picture or wait for a feature that might or might not be added. -
You can definitely use a private address on the pfsense WAN. That will work.
And if you must have IPV6 on the pfsense, you can get a GIF interface from Hurricane Electric.
That way you can assign a static /48 ipv6 to pfsense.As long as you can open ICMP for ping on the router connected directly to the internet it should work.
Its not exactly what you asked about but it gets you both IPV4 and 6 on pfsense and your fritzbox.
-
You can definitely use a private address on the pfsense WAN. That will work.
And if you must have IPV6 on the pfsense, you can get a GIF interface from Hurricane Electric.
That way you can assign a static /48 ipv6 to pfsense.As long as you can open ICMP for ping on the router connected directly to the Internet it should work.
Its not exactly what you asked about but it gets you both IPV4 and 6 on pfsense and your fritzbox.
I have tested HE and SixXS on the pfSense using GIF but have not been able to get it to work behind the FB. The connection from FB to pfSense is a "Exposed Host" connection so FB is not blocking anything but I am still not able to get the GIF connection to work.
Will try to set it up again as that would indeed fix my issue and that was the first configuration I tried the first time almost a year ago (and a few times since then with different pfSense versions.
-
It can be done - Trust me.
For example, I have a home network here that is crap.
Its a DSL connection and access to things like allowing ICMP is blocked.
Basic port forwarding is all that can happen in this apartment, so not able to set up HE here or IPV6.
Soooooo - I took a machine, installed a Linux Mint VM and a pfsense VM.
Then I set pfsense as openvpn client to a server I have running in the USA.
Then I set the endpoint of the HE tunnel as the machine in the USA.
But all the rest of the HE IPV6 settings I installed on the pfsense VM running here.
So, I get USA IPV4 and a /48 here, on this pfsense, but the GIF interface is tunneled through my machine in the USA.
All that because my ISP here blocks ICMP by default.
Where there is a will, there is a way.
-
I have tested HE and SixXS on the pfSense using GIF but have not been able to get it to work behind the FB. The connection from FB to pfSense is a "Exposed Host" connection so FB is not blocking anything but I am still not able to get the GIF connection to work.
Note that forwarding TCP and UDP (which is most likely what your "exposed host" setting does) is not sufficient; you'll need to forward protocol 41 (6in4) as well.
-
Ended up opting out and getting a Cisco EPC3825 that can do both pure bridge and "IP Address Pass-through " feature. In other word no double NAT issues and Fritz!Box half locked config from operator.