On Tue, Oct 08, 2013 at 06:54:55AM +0200, Olivier Mascia wrote: > Le 3 oct. 2013 à 13:26, Eugen Leitl <[email protected]> a écrit : > > > I've got a /64 and /48 from HE.net tunnelbroker, and followed > > https://doc.pfsense.org/index.php/Using_IPv6_on_2.1_with_a_Tunnel_Broker > > > > The tunnel is working (I can ping6 everything fine, including > > DNS name resolution), I've put a static address from my /48 on > > the LAN, and DHCPv6 does assign addresses from that /48 to > > machines on LAN (from a /56 ff00:0000:0000:0000:0000 > > to ffff:ffff:ffff:ffff:ffff). However, can't get IPv6 traffic > > to outside from any LAN machines. Windows says helpful > > things like PING: transmit failed. General failure. > > // I’m no expert, just sharing some past-experience that may or not apply to > your case. //
Thanks! > Assuming Firewall LAN rules have been adjusted to permit that kind (or all) > outgoing IPv6 traffic… Affirmative. Btw, I can ping the IPv6 LAN address from another IPv6 system out there. > start by checking you have an IPv6 gateway defined on those windows machines. > That seems to be the problem. Do I need to make the LAN IPv6 the gateway, or the GIF/HE.net tunnel endpoint? > DHCPv6 won’t allow you to set it. You can get pfSense to serve it to your > LAN through router advertisements. > See Services - DHCPv6 Server/RA and concentrate on LAN / Router > advertisements. Managed mode should be an appropriate start if you have a > DHCPv6 serving your LAN. Might have to reboot windows computers or at the > very least do ipconfig /release6 and ipconfig /renew6. I had this briefly working on Windows, but not on Linux. After that the firewall lost connection (it seems even on IPv4) and required reboot. Strange, I even managed to crash the cable modem up to the point of losing built-in VoIP mid-session. _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
