Messages

The Problem was the ISP, they had to configure a route to my LAN net at their router.

Then I had the problem that i could ping my ipv6 from the outside but firewall and clients could not reach the outside. I had to delete everything with ipv6 and set the Ipv6 config on the firewall again.

Thanks for the help

It seems I need to contact the ISP, thanks for you help, will update when I have a solution

Regards

Thanks for the reply.

when I set the source to d201::1 i cant ping the isp gateway or any other address

I was not instructed to set d200::2 as my WAN, i just picked the next available, but it doesn't seem to matter what i set as wan the behavior keeps the same.
What I've written in the first post is all I got regarding IPv6 from them.

Hi there,

I am trying to configure the IPv6 subnet I got from my ISP, but I cannot get connectivity between devices on the LAN and anything outside my firewall. I have tried solutions found on the forums but nothing seems to work.

Here's what I got from the ISP:
Subnet: xxxx:xxxx:xxxx:d200::
Prefix: /56
Gateway/Router address: xxxx:xxxx:xxxx:d200::1
I am from Germany and the ISP is 1&1 Versatel, if it matters.

What I have configured on my OpnSense:
WAN: Static IPv6 xxxx:xxxx:xxxx:d200::2/64 with upstream gateway xxxx:xxxx:xxxx:d200::1
LAN: Static IPv6 xxxx:xxxx:xxxx:d201::1/64

- IPv6 is allowed in Firewall / Settings / Advanced
- ICMPv6 on WAN and LAN is allowed (in case of ndp)
- IPv6 outbound on WAN and LAN allowed

As this is a production network, I cannot enable DHCPv6 and RA without confirming that connectivity is working. I gave my client xxxx:xxxx:xxxx:d201::2/64 with a gateway of xxxx:xxxx:xxxx:d201::1. I can ping xxxx:xxxx:xxxx:d201::1 and xxxx:xxxx:xxxx:d200::2, but I cannot reach the ISP's gateway of xxxx:xxxx:xxxx:d200::1 or other external IPs.

From the firewall itself I can reach external IPv6's and the ISPs Gateway. From outside, only xxxx:xxxx:xxxx:d200::2 is pingable.

Is this a configuration problem or do I need to contact my ISP? In the beginning we had problems with IPv4 not routing correctly, but this has been fixed.

Hi there,

I have a setup similar to OP's. My provider gave me a /56 subnet where xxxx:xxxx:xxxx:xx00::1 is the ISPs router.

I tried to recreate Zan's solution but can't configure xxxx:xxxx:xxxx:xx00::2 as the upstream gateway for LAN, it says the address is outside the LAN subnet. xxxx:xxxx:xxxx:xx01::1/64 is the LAN Interface address.

Hope someone can help me.
Kind regards