I'm trying to get my IPv6 network to connect to the internet but since im running machines with 4.0 MR3 im wondering how I go about this or if its even possible. So my setup is purely for experimental and learning purposes. Three fortigates: A FortiGate 50B, a FortiGate 100A and a FortiGate 60B. The 50B connects directly to the 100A via a VPN tunnel. The 100A connects to the 60B using BGP via two QinQ switches (because why not? no idea if its useful, but it works). Each FG has a set of VLANS with their respective DHCP configurations. The FG50B has three HP switches in a mesh, the 100A has three switches in an RSTP, one of which is mixedvlan and serves as qinq as well as the other qinq switch that is also mixed ofcourse. The 60B can send its VLAN dhcp stuff to the mixeds and the RSTPs as well. The 100A has the ISP connection via its wan1 interface. Everything in my network can communicate internally right now just for testing purposes but getting out to the internet only works with the IPv4 protocol for obvious reasons. Other than creating an SIT tunnel which would require a destination that accepts my connection (i think?), I'm unsure how to configure 4.0 machines to allow 6to4. It seems that NAT64 and DNS64 is not supported so that got me wondering if its even possible to begin with. Any illumination on this predicament would be much appreciated. c:
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Will if NAT64 is not available in the FortiOS version & if your ISP offers no native IPv6 wan, than I think you have you answer ( some type of tunnel )
Have you looked at Hurricane Electric? or other tunnel providers ?
http://socpuppet.blogspot.com/2014/07/getting-free-ipv6-experience-by-using.html
http://socpuppet.blogspot.com/2014/11/my-sixxs-ipv6-tunnel-setup-attempts.html
A second option would be to setup a device that does 64 NAT and use that as gateway for internet access. You can do for pennies with linux/bsd or some cheap fw/router or heck maybe pfSense/OpenSense
Ken Felix
PCNSE
NSE
StrongSwan
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1712 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.