Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor II

[Solved] Configuring IPv6 DHCP on 30E

Hi guys,


I've been trying to get IPv6 to work properly on our 30E but I'm have a lot of difficulty setting it up correctly. 

On the WAN side we're receiving an IPv6 address from the ISP and we're able to ping6 to random IPv6 hosts: 

get system interface physical == [onboard]         ==[wan]                 mode: dhcp                 ip:                 ipv6: 2a02:xxx:xxx:9::9ee/128                 status: up                 speed: 1000Mbps (Duplex: full)


# execute ping6 PING 56 data bytes 64 bytes from 2a00:1450:400e:80a::200e: icmp_seq=1 ttl=55 time=15.0 ms 64 bytes from 2a00:1450:400e:80a::200e: icmp_seq=2 ttl=55 time=13.5 ms 64 bytes from 2a00:1450:400e:80a::200e: icmp_seq=3 ttl=55 time=14.9 ms 64 bytes from 2a00:1450:400e:80a::200e: icmp_seq=4 ttl=55 time=13.6 ms 64 bytes from 2a00:1450:400e:80a::200e: icmp_seq=5 ttl=55 time=15.8 ms


But we can't get the LAN devices to receive an IPv6 IP address. I've gone through tons of posts and tutorials without any success. Here's a brief output of the WAN and LAN interface configs:


# show system interface wan config system interface     edit "wan"         set vdom "root"         set mode dhcp         set distance 2         set allowaccess ping https http fgfm         set type physical         set role wan         set snmp-index 1         config ipv6             set ip6-mode dhcp             set ip6-allowaccess ping https ssh             set dhcp6-prefix-delegation enable         end         set macaddr xx:xx:xx:xx:xx:xx     next end


# show system interface lan config system interface     edit "lan"         set vdom "root"         set ip         set allowaccess ping https ssh http fgfm capwap         set type hard-switch         set stp enable         set device-identification enable         set fortiheartbeat enable         set role lan         set snmp-index 4         config ipv6             set ip6-mode dhcp             set ip6-allowaccess ping https ssh http fgfm capwap         end     next end


We're pretty sure the lack of IPv6 on the LAN side has to do with the settings in system config dhcp6 server, which are non-existent but it's unclear how we are to set this up. Trying to follow this guide didn't get us anywhere. Specifically because of some of the terms used. For instance interface "port29", is this a WAN or LAN facing interface (the set-role attribute isn't used anywhere). Also the choice to assign IP address fd00::1/64, which to the best of our knowledge is a ULA address used for local traffic, is unclear. Also, with the trailing "/64", wouldn't this allow for an immensely large pool of IP addresses?


What we're trying to achieve here is that all the hosts on our network receive an IP address in our ISP's range of 2a02:xxx.


Before the 30E we had a Linksys LRT214 which did this all out-of-the-box and at home I have an AmpliFi which also just works when enabling the IPv6 checkmark :). 


Any help with this would be greatly appreciated. Thanks in advance,

Kris Coady

New Contributor II



The guide at helped fix the issue. Specifically the following lines of code on the LAN interface:


config ipv6 set ip6-mode delegated set ip6-allowaccess ping https ssh http fgfm capwap set ip6-send-adv enable set ip6-manage-flag enable set ip6-upstream-interface "wan" set ip6-subnet ::1/64 config ip6-delegated-prefix-list edit 1 set upstream-interface "wan" set autonomous-flag enable set onlink-flag enable set subnet ::/64

Top Kudoed Authors