What is the equivalent configuration on OPNsense for this setup from Huawei?

[SecureGate]

Hello, team!

I have guidelines from my ISP on configuring my Huawei configuration router. However, I don't want to use the router from my ISP, so I want to use the OPNsense instead. So far, I have already connected to the internet through PPPoE. Still, I'm pretty confused about configuring the IPv6 for the WAN, especially finding the equivalent settings for "Prefix Acquisition Mode=DHCPv6-PD" and "IP Acquisition Mode=Automatic" in OPNsense.

PS: My ISP limits dialing PPPoE multiple times. Whenever I've made any changes to the WAN interface or the WAN port, the connection to PPPoE refuses, as the Point-to-Point log file says, "Access number is exceed." I have to call my ISP every time to reset my IP for the PPPoE dialing to be successful, so it has to be well-planned before modifying the WAN interface and WAN port.

[bartjsmit]

You can check that you have the PPPoE credentials correct with IPv4. Start with the defaults or with a laptop running Linux and the pppoe package installed, e.g. Ubuntu live USB.

Once you get a public IPv4 address, you can experiment with IPv6 without risk of failing to authenticate. Again, the defaults are a good start.

Bart...

[SecureGate]

You can check that you have the PPPoE credentials correct with IPv4. Start with the defaults or with a laptop running Linux and the pppoe package installed

Hello Bart, thanks for the reply! I want the PPPoE to be authenticated via OPNsense, not from Linux, as I also have to spoof the MAC addresses for PPPoE dialing work. My current setup is that my OPNsense is installed as a VM on my Proxmox VE server; the vmbr0 is connected to LAN (vtnet1), and vmbr1 is connected to WAN (vtnet0).

I'm happy with my current setup with PPPoE on OPNsense. However, I can only get the IPv4, but not the IPv6, for the internet address. If the configuration was done from my Huawei router, I should have the IPv6 prefix and IP address. But I don't know how to achieve this on OPNsense.

Edit: Here's how the DHCPv6-PD works. So far, I'm using PPPoEv6 on my WAN and got the IPv6 address for the WAN. Should I change my configuration like this?

[WAN]
--Generic configuration--
IPv6 Configuration Type: DHCPv6
--DHCPv6 client configuration--
Leave as default

[LAN]
--Generic configuration--
IPv6 Configuration Type: Track Interface
--Track IPv6 Interface--
Parent interface: WAN

[bartjsmit]

However, I can only get the IPv4, but not the IPv6

If you get IPv4 then the authentication works. I wasn't suggesting that you switch to Linux other than to test.

Make sure you allow all ICMPv6 on the WAN side. Once you get IPv6 on WAN, enable RADV on LAN for easy auto-configuration.

[SecureGate]

Hey Bart, I was finally able to obtain the IPv6 address from IPv4 PPPoE by following this tutorial. However, my ISP only gives me one IPv6 subnet (/64). Is there any way I could obtain more subnets for my VLANs?

[bartjsmit]

Not on this ISP - all your IPv6 subnets need to be /64

You could run a separate VLAN/subnet with HE (https://tunnelbroker.net/) but that could well be more trouble than it's worth

[SecureGate]

I only have private IP sadly, my ISP doesn't assign any public IP, so it's impossible for HE to pinging my IP, even I've allowed ICMP.