Skip to main content
rafaelmartinsrm
rafaelmartinsrm
New Member
December 12, 2021
Solved

IPv6 Transport Network on WAN interface

  • December 12, 2021
  • 1 reply
  • 3316 views

Hello, 

I am having some problems configuring IPv6 on FortiGate.

My ISP provides me a /48 but wants me to use a static IP on a transport network (/126) on WAN, where my router is ::2 and their router is ::1.

 

Can someone help me on this? I tried setting the ::2/126 on WAN interface, creating a static route to ::/0 from ::1 and manually setting a  /64 subnet on a interface but the interface is not pingable and I can't ping outsite from this interface aswell.

Best answer by rafaelmartinsrm

Thank you for your reply, drixter.

After talking with ISP, I noticed they had configured ::1/48 on their interface, that's why it was not working. They changed the interface to ::1/126 and created a route for all packets with my /48 as destination to go to ::2/126.

 

 

 

 

1 reply

drixter
drixter
Visitor III
December 19, 2021

Hi,

 

Your config looks ok:

WAN: ::2/126, static route 0::/0 via ::1/126 (so your ISP)

Then you should be able to ping from your Fortigate outside world.

Then on LAN assign /64 from /48 what you have.

Then setup for example on LAN interface SLAAC with your network and DHCPv6.

Statefull server leave disabled, generating more issues with all know boxes (Android, Windows, ...)

 

Please remember that you need policies to make it working from LAN, so you need rule from LAN to WAN for IPv6 - there are separated from IPv4.

 

I hope this help to move forward.

 

Thanks,

rafaelmartinsrm
rafaelmartinsrmAuthorAnswer
New Member
December 20, 2021

Thank you for your reply, drixter.

After talking with ISP, I noticed they had configured ::1/48 on their interface, that's why it was not working. They changed the interface to ::1/126 and created a route for all packets with my /48 as destination to go to ::2/126.

 

 

 

 

Terms & ConditionsAccessibility statement