Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor II

Setting Up NAT64 to handle 64:ff9b:: requests

I'm running 7.2.8..

I just got IPv6 running, and I run dual stack IPv4 and IPv6

For some reason, I started receiving many 64:ff9b:: requests from some devices. (Amazon, I'm looking at you.)

I understand these are IPv6 requests to get to the IPv4 Internet.  So how do I convert these and pass them along to IPv4?


There lots of instructions out there, but none seem to work.  Every version of FortiOS seems to have changed how its done.  First I created a VIP, capture all the 64:ff9b::-64:ff9b::ffff:ffff range and convert that to IPv4.  


Now here is where I get stuck.  I use Central NAT.  How do I take this IPv4 address and get it out on the Internet, then take the response and convert it back to the device???  I can NAT it to a local IPv4 address, but I don't think its getting out on the Internet.  Anyone have instructions on how to set this up?  All the instruction I find are for earlier or later FortiOS versions and are not working on 7.2.8.  Very frustrating.

Thanks in advance for any help.


It's something that's likely botched.

"set permit-any-host enable" or full cone NAT does not work (properly).

Keep an eye on the release notes for the fix of 994784. It's still not fixed in 7.4 or earlier.

- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -
Top Kudoed Authors