I'm running 7.2.8..
I just got IPv6 running, and I run dual stack IPv4 and IPv6
For some reason, I started receiving many 64:ff9b:: requests from some devices. (Amazon, I'm looking at you.)
I understand these are IPv6 requests to get to the IPv4 Internet. So how do I convert these and pass them along to IPv4?
There lots of instructions out there, but none seem to work. Every version of FortiOS seems to have changed how its done. First I created a VIP, capture all the 64:ff9b::-64:ff9b::ffff:ffff range and convert that to IPv4.
Now here is where I get stuck. I use Central NAT. How do I take this IPv4 address and get it out on the Internet, then take the response and convert it back to the device??? I can NAT it to a local IPv4 address, but I don't think its getting out on the Internet. Anyone have instructions on how to set this up? All the instruction I find are for earlier or later FortiOS versions and are not working on 7.2.8. Very frustrating.
Thanks in advance for any help.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
It's something that's likely botched.
"set permit-any-host enable" or full cone NAT does not work (properly).
Keep an eye on the release notes for the fix of 994784. It's still not fixed in 7.4 or earlier.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1641 | |
1069 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.