pfSense / FritzBox / how to setup Tunnel
Shadow Hawkins on Tuesday, 22 July 2014 15:21:33
Hi there,
i have pfSense running as Firewall. On WAN Interface is my FritzBox with IPv4 Connectivity and DHCP (pfSense is the only host connected to Fritzbox and is also an exposed host)
Now I want to set up IPv6 with a SixXS Tunnel using this Tutorial
Unfortunately it tells me that my Gateway is offline.
What I do not understand:
* How can this work when I cannot provide the Account details for SixXS anywhere in this process
* Exactly what information (from the Tunnel) do I have to provide for pfSense
* Do I use the (or need any information from) subnet provided by SixXS? I'm not sure I understand that atm
* My router (FritzBox) does not need to know about IPv6, right?
I tried to read about all that but at the moment I'm a little bit stuck. If there is someone out there who can help me or who already set up a similar configuration, any help will be greatly appreciated :-)
Thank you
Martin
pfSense / FritzBox / how to setup Tunnel
Jeroen Massar on Tuesday, 22 July 2014 15:25:29 * How can this work when I cannot provide the Account details for SixXS anywhere in this process
Because the TIC is just a convenience protocol and completely optional if one wants to type in the variables manually.
Typically though for a heartbeat or AYIYA tunnel one will use TIC as that avoids having to type in the long heartbeat passwords, which can change over time.
* Exactly what information (from the Tunnel) do I have to provide for pfSense
The stuff it asks for. Likely there are two parts: the tunnel details + subnet details.
Find them in your user home.
* Do I use the (or need any information from) subnet provided by SixXS? I'm not sure I understand that atm
Unless you do not want to connect any other devices behind your box, you'll have to use the subnet that is routed over the associated tunnel.
* My router (FritzBox) does not need to know about IPv6, right?
Depends on how things are setup. Fritz!Boxes can also do IPv6, they have a native heartbeat client.
pfSense / FritzBox / how to setup Tunnel
Shadow Hawkins on Tuesday, 22 July 2014 16:21:43
Ok, just so we are clear on that:
"gif remote address" (in pfSense) is supposed to contain the "Server IPv4 Adress", I put in the "POP IPv4" from my tunnel
"gif tunnel local address" is supposed to contain the "Client IPv6 adress", I put in the "Your IPv6" from my tunnel
"gif tunnel remote adress" is supposed to contain the "Server IPv6 address", I put in the "POP IPv6" from my tunnel
I think that I made a mistake here since I do not provide any information from the subnet. Can you please clarify?
I want pfSense to manage IPv6 so I have to disable it in my Fritzbox ? There are a number of clients behind pfSense, these are all to be given IPv6 adresses
pfSense / FritzBox / how to setup Tunnel
Jeroen Massar on Wednesday, 23 July 2014 13:48:06
Martin Weil wrote:
Ok, just so we are clear on that:
"gif remote address" (in pfSense) is supposed to contain the "Server IPv4 Adress", I put in the "POP IPv4" from my tunnel
"gif tunnel local address" is supposed to contain the "Client IPv6 adress", I put in the "Your IPv6" from my tunnel
"gif tunnel remote adress" is supposed to contain the "Server IPv6 address", I put in the "POP IPv6" from my tunnel
Looks quite fine. A MTU size specification should be there too though and quite likely also a prefix length for that subnet.
Bit odd that they call it "gif tunnel" addresses, while they are 'gif' device tunnels, not something the user should be caring about.
I think that I made a mistake here since I do not provide any information from the subnet. Can you please clarify?
Most likely you'll have to enter that information in the per-interface settings.
I want pfSense to manage IPv6 so I have to disable it in my Fritzbox ?
Depends completely on your setup, that is, how things are connected.
Posting is only allowed when you are logged in. |