| Description | This article describes how to configure Tunnel Broker service in order to learn and lab IPv6. |
| Scope | FortiOS 7.2, 7.4, 7.6 |
| Solution |
A tunnel broker can be a useful service for testing IPv6 technologies if your ISP does not provide them as the service allows for you to reach the internet via IPv6 over existing infrastructure. The article will feature Hurricane Electric's free IPv6 service, which provides /64 and /48 globally routable prefixes. These can easily be configured on a FortiGate/FortiOS device utilizing a SIT tunnel.
Note that utilizing this service is intended for educational purposes. Hurricane Electric notes this additionally on their website: 'Our tunnel service is oriented towards developers and experimenters that want a stable tunnel platform.'
To begin, sign up for an account with Hurricane Electric on the registration page. After signing up, confirm the account creation via e-mail. Once this is completed, a globally routable /64 prefix will be issued, as well as a /48. Additionally, the information required to configure the SIT tunnel in FortiOS will be sent.
The final step is to configure the SIT tunnel in FortiOS and create a default route utilizing it.
config system sit-tunnel edit "HE" set destination 216.66.80.30 set ip6 2001:1:2:3::2/64 set source 1.2.3.4 next end
config router static6 edit 1 set device "HE" next end Afterwards, perform a ping to confirm IPv6 is working:
execute ping6 2001:4860:4860::8888 |
