Once you've signed up with TunnelBroker.net, their "tunnel details" page will supply you with information about your tunnel:
IPv6 Tunnel Endpoints
- Server IPv4 Address:209.51.181.2
- Server IPv6 Address:2001:470:1f3a:1178::1/64
- Client IPv6 Address:2001:470:1f3a:1178::2/64Routed IPv6 Prefixes
- Routed /64:2001:470:1f3a:1178::/64
To configure TunnelBroker in m0n0wall:
- By default all IPv6 support is disabled. In order for IPv6 configuration settings to appear you must enable IPv6 support. Under System -> Advanced, check Enable IPv6 support, and click Save:
- In order to establish, or maintain a tunnel with Hurricane Electric, they must be able to ping you (over IPv4). This means that you must respond to ICMP packets on the WAN interface. UnderFirewall->IPv4 Rules, select the WAN tab. Click the add new rule button, and create the rule:
- Action: Pass
- Interface: WAN
- Protocol: ICMP
- ICMP type: any
- Description: Allow IPv4 ICMP packets
and click Save. - Next configure the WAN interface's IPv6 settings. Click Interfaces->WAN. Under IPv6 configuration:
- IPv6 mode: Tunnel
- IPv6 address:
2001:470:1f3a:1178::2/64 (Client IPv6 Address from tunnel details page) - IPv6 tunnel endpoint:
209.51.181.2(Server IPv4 Address from tunnel details page)
and click Save. - Next configure the LAN interface's IPv6 settings. Click Interfaces->LAN:
- IPv6 mode: static
- IPv6 address:
2001:470:1f3a:1178::/64 (Routed /64 from tunnel details page) - IPv6 RA: check Send IPv6 router advertisments
- MTU:
1280bytes
and click Save. - By default in monowall all outbound IPv4 traffic is permitted. With IPv6 we must manually create the similar rule to allow all outbound traffic. Click Firewall->IPv6 Rules and select the LAN tab, and click add new rule, and create the rule:
- Action: Pass
- Interface: LAN
- Protocol: any
- Source
Type: LAN subnet - Destination
Type: any - Description: IPv6 LAN -> any
and click Save. - Visit test-ipv6.com, to check that your IPv6 connectivity is working.
Tested with monowall v1.33
No comments:
Post a Comment