IPv6 Rules with Gateway not working.

[novel]

Hello,

I get the internet via wifi. My ubiquiti nanostation is connected as a bridged mode via wifi at my brother's wifi connection then nanostation goes the internet through ethernet port to OPNsense then to my laptop.

If I remove the ethernet cable from OPNsense, then I connected the ethernet cable directly to my laptop the IPV6 works fine. So I thing the problem is from OPNsense.

I post some photos with settings.

    Interfaces: [LAN]    Track Interface
    Interfaces: [WAN]   SLAAC

[Maurice]

A SLAAC WAN can only provide IPv6 connectivity for OPNsense itself, not for devices in its LANs. You'll need DHCPv6 Prefix Delegation for this, which also needs to be supported by the upstream router.

Cheers
Maurice

[novel]

A SLAAC WAN can only provide IPv6 connectivity for OPNsense itself, not for devices in its LANs. You'll need DHCPv6 Prefix Delegation for this, which also needs to be supported by the upstream router.

Cheers
Maurice

Thank you for replying

I changed from SLAAC to DHCPv6, with no luck.  DHCPv6 Server not restarting...

[Maurice]

Does the upstream DHCPv6 server (= your brother's router) support Prefix Delegation and is it configured correctly?

[novel]

Does the upstream DHCPv6 server (= your brother's router) support Prefix Delegation and is it configured correctly?

I don't have access in his router. As I said If I take the ethernet cable then connected directly to my laptop. I have ipv6 connection.

So I thing the answer in you question is Yes . but  as I said I don't have access on his router to see the settings.

[Maurice]

If you connect your laptop directly to the WLAN bridge, no Prefix Delegation is required - the laptop gets an IPv6 address from your brother's router.
But if you connect the OPNsense WAN to the WLAN bridge and your laptop to the OPNsense LAN, Prefix Delegation is required so OPNsense can provide an IPv6 address to your laptop.

If Prefix Delegation isn't set up on the other router and you don't have access to it, this unfortunately won't work.

If you're desperate, you could configure IPv6 outbound NAT in OPNsense.

[novel]

If you connect your laptop directly to the WLAN bridge, no Prefix Delegation is required - the laptop gets an IPv6 address from your brother's router.
But if you connect the OPNsense WAN to the WLAN bridge and your laptop to the OPNsense LAN, Prefix Delegation is required so OPNsense can provide an IPv6 address to your laptop.

If Prefix Delegation isn't set up on the other router and you don't have access to it, this unfortunately won't work.

If you're desperate, you could configure IPv6 outbound NAT in OPNsense.

Would you like to help me, what are the next steps to configure  IPv6 outbound NAT in OPNsense ?

[Maurice]

- configure the OPNsense LAN interface with a static IPv6 address, like 2001:db8::1/64
- set the Router Advertisements mode to "Unmanaged"
- enable hybrid outbound NAT rule generation
- create an IPv6 outbound NAT rule for the WAN interface

[novel]

- configure the OPNsense LAN interface with a static IPv6 address, like 2001:db8::1/64
- set the Router Advertisements mode to "Unmanaged"
- enable hybrid outbound NAT rule generation
- create an IPv6 outbound NAT rule for the WAN interface

I did it -->   2001:db8::1/64
I dit --> - set the Router Advertisements mode to "Unmanaged"

What I have to put inside outbound nat rule in wan inteface?? Would you like to show me an example?

[Maurice]

The outbound NAT rule should work with default settings, you only need to set the TCP/IP version to IPv6.

[novel]

The outbound NAT rule should work with default settings, you only need to set the TCP/IP version to IPv6.

Please look at the photo. Is it correct?

[Maurice]

Yes, everything visible in the screenshot is correct.

[novel]

Yes, everything visible in the screenshot is correct.

You are GOD! Thank you very much. I solved it.

[novel]

Do I have to enable  "Enable DHCPv6 server on LAN interface" or any other service fro ipv6???

[Maurice]

DHCPv6 shouldn't be required, most devices support SLAAC (Router Advertisements "Unmanaged" mode).