Forum Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
websavages
Beginner

on ‎18-02-2024 17h46

1,414 Views
Message 1 of 7

Yet another pfSense IPv6 question

Go to solution
Hi all,

Running pfSense on a host with dual NICs. WAN is connected directly to the ONT.
I've followed the instructions found here inc. ensuring that the firewall rules exist to allow IPv6 traffic out. Yet sadly no joy when trying to contact the outside world using IPv6. 

As you can see from the below I am getting assigned, well I think I am, an IPv6 address. But when I try a traceroute6 from an internal host to www.google.com it dies after the router (see last image). Using traceroute the IPv4 version does work as expected.
 
pfSense version
pfSense version.png

status of interfaces
interfaces status.png
WAN config
wan config.png
Firewall rules
firewall rules.png
 
traceroute6 output
Screenshot 2024-02-18 at 17.42.34.png
 
Any ideas?
 
Cheers ws
--
I didn't break it.
I merely exceeded its operational limits!
--
0 Ratings
Reply
6 REPLIES 6
Les-Gibson
Guru

on ‎18-02-2024 18h58

1,381 Views
Message 2 of 7

Re: Yet another pfSense IPv6 question

Go to solution

You might be better off following this guide. How to Configure pfSense: The Ultimate Setup Guide for 2024 (comparitech.com)

0 Ratings
Reply
brookheather
Expert

‎18-02-2024 19h48 - edited ‎18-02-2024 19h59

1,373 Views
Message 3 of 7

Re: Yet another pfSense IPv6 question

Go to solution

Your settings look OK - they match my IPv6 settings on my pfSense router.  I'm not sure you are getting an IPv6 address on LAN - it should be something like 2a00:23c8:xxxx:xxxx:yyyy:yyyy:yyyy:yyyy - at least that is what mine looks like.  By the way you can change MTU to 1500 but that won't fix your curreny IPv6 issue.  What do you have on the WAN firewall rules?  I have a WAN rule for IPv4+IPv6 ICMP (ping).

On LAN interface settings you need to set IPv6 Configuration Type to Track Interface and IPv6 Interface to WAN.  IPv6 Prefix ID can be set to 1.  You will also need to change the WAN_PPPOE Monitor IP to something like 1.1.1.1 as the BT gateway router won't respond to pings.

____________________________________________
BT FTTP 500/75 + pfSense + 4 x UniFi Wifi 6 Pro
0 Ratings
Reply
websavages
Beginner

on ‎18-02-2024 21h29

1,362 Views
Message 4 of 7

Re: Yet another pfSense IPv6 question

Go to solution
Thanks, will take a look
--
I didn't break it.
I merely exceeded its operational limits!
--
0 Ratings
Reply
websavages
Beginner

‎18-02-2024 21h36 - edited ‎18-02-2024 21h44

1,359 Views
Message 5 of 7

Re: Yet another pfSense IPv6 question

Go to solution

@brookheather I've assigned a static ipv6 address to my LAN. Am looking to run IPv6 internally as well.

static settings
static ipv6.png

Default gateways
default gateway.png

 

In terms of WAN firewall rules, it's deny everything. I would expect the IPv6 ICMP reply packets to be allowed through as they are related, as it happens with IPv4

Cheers ws

--
I didn't break it.
I merely exceeded its operational limits!
--
0 Ratings
Reply
brookheather
Expert

on ‎18-02-2024 22h38

1,345 Views
Message 6 of 7

Re: Yet another pfSense IPv6 question

Go to solution

You can't set a static IPv6 address on the LAN interface - change the config type to Track Interface.

____________________________________________
BT FTTP 500/75 + pfSense + 4 x UniFi Wifi 6 Pro
0 Ratings
Reply
websavages
Beginner

on ‎20-02-2024 7h22

1,272 Views
Message 7 of 7

Re: Yet another pfSense IPv6 question

Go to solution

Thank you @brookheather for your help.

Cheers ws

--
I didn't break it.
I merely exceeded its operational limits!
--
0 Ratings
Reply