Hello,
First of all I want to note that I read through all the threads about the same problem (http://www.tunnelbroker.net/forums/index.php?topic=653.0), but I didn't find the solution to my problem.
I'm trying to set up a tunnel, which I've already requested. So I have the tunnel details, but the config commands for Vista/2008 don't seem to work. This is what I'm given:
netsh interface ipv6 add v6v4tunnel IP6Tunnel 193.190.253.144 216.66.84.46
netsh interface ipv6 add address IP6Tunnel 2001:470:1f14:762::2
netsh interface ipv6 add route ::/0 IP6Tunnel 2001:470:1f14:762::1
The first time entering these commands (as Administrator of course) I received no error, but I couldn't reach ipv6.google.com. So I reseted the ipv6 ("netsh int ipv6 reset"), but when I now try to enter the commands again I get the following error: "You were not connected because a duplicate name exists on the network. If joining a domain, go to System in Control Panel to change the computer name and try again. If joining a workgroup, choose another workgroup name." for the first command and "The object already exists." for the second and third.
Here is my "ipconfig /all" and "netstar -nr" information:
C:\Windows\system32>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Simon-Laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : kotnet.kuleuven.ac.be
Wireless LAN adapter Draadloze netwerkverbinding:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : kotnet.kuleuven.ac.be
Description . . . . . . . . . . . : Intel(R) PRO/Wireless 3945ABG Network Con
nection
Physical Address. . . . . . . . . : 00-1B-77-3D-59-0B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Ethernet adapter LAN-verbinding:
Connection-specific DNS Suffix . : kotnet.kuleuven.ac.be
Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
Physical Address. . . . . . . . . : 00-1B-38-69-49-DB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d8c5:3f48:6398:9c5f%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.8.18.242(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.254.0
Lease Obtained. . . . . . . . . . : maandag 15 februari 2010 15:07:44
Lease Expires . . . . . . . . . . : maandag 15 februari 2010 17:07:44
Default Gateway . . . . . . . . . : fe80::8907:9e70:7a47:7500%11
10.8.19.254
DHCP Server . . . . . . . . . . . : 134.58.127.4
DHCPv6 IAID . . . . . . . . . . . : 234887992
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-09-B5-88-00-1B-38-69-49-DB
DNS Servers . . . . . . . . . . . : 134.58.126.3
134.58.127.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.kotnet.kuleuven.ac.be:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : kotnet.kuleuven.ac.be
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter IP6Tunnel:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Direct Point-to-point Adapater
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
C:\Windows\system32>netstat -nr
===========================================================================
Interface List
13...00 1b 77 3d 59 0b ......Intel(R) PRO/Wireless 3945ABG Network Connection
11...00 1b 38 69 49 db ......Broadcom NetLink (TM) Gigabit Ethernet
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
16...00 00 00 00 00 00 00 e0 Microsoft Direct Point-to-point Adapater
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.8.19.254 10.8.18.242 20
10.8.18.0 255.255.254.0 On-link 10.8.18.242 276
10.8.18.242 255.255.255.255 On-link 10.8.18.242 276
10.8.19.255 255.255.255.255 On-link 10.8.18.242 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.8.18.242 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.8.18.242 276
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 276 ::/0 fe80::8907:9e70:7a47:7500
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
11 276 fe80::d8c5:3f48:6398:9c5f/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
If Metric Network Destination Gateway
0 4294967295 ::/0 2001:470:1f14:762::1
===========================================================================
Thanks in advance for your help!
Greetings,
Insano
Are you behind a NAT?
I think I am, but I'm not 100% sure. I'm on a university network where everybody shares the same IP to the outside world.
Is there a way to check this out for sure? And does this affect the way I should set up the tunnel?
QuoteI think I am, but I'm not 100% sure. I'm on a university network where everybody shares the same IP to the outside world.
Is there a way to check this out for sure?
My fault..I should have read the output you supplied a little closer. Your IP address is a 10., meaning you are on a NAT.
This would explain why you were unable to get your tunnel to work.
You had posted a copy of the output of your system...was it before or after you ran "netsh int ipv6 reset" ?
64-bit also requires that "interface=IP6Tunnel" bit to be used
Quote from: cholzhauer on February 15, 2010, 10:55:44 AMYou had posted a copy of the output of your system...was it before or after you ran "netsh int ipv6 reset" ?
The given output was from after I ran the "netsh int ipv6 reset" command, and is the current state I'm in.
Quote from: broquea on February 15, 2010, 11:03:49 AM
64-bit also requires that "interface=IP6Tunnel" bit to be used
Does this mean that the command
"netsh
interface ipv6 add v6v4tunnel IP6Tunnel 193.190.253.144 216.66.84.46"
should change into
"netsh
interface=IP6Tunnel ipv6 add v6v4tunnel IP6Tunnel 193.190.253.144 216.66.84.46"?
This gives the error message "The following command was not found: (...)", so I assume that's not the part that I have to change.
It means:
netsh interface ipv6 add v6v4tunnel interface=IP6Tunnel $ipv4b $ipv4a
Like in the example for Windows Vista/2008/7 in this forum thread
I see. I still get the two errors I described in my first post though when I try to execute the commands.
Two questions remain:
- Do I first have to remove all the commands I've entered before?
- Do I have to alter the commands to match a different IP than the one the outside world sees?
Thanks for the help so far, by the way!
There is some netsh ipv6 reset command, it's somewhere in all these Windows threads. I don't remember the command off hand.
You should be using the 10. address instead of the ipv4 endpoint, like the *NOTE* recommends when generating the example commands in the broker's webUI.
Just a reminder/FYI... Are you sure that the firewall you're behind is passing protocol41 traffic?
Quote from: broquea on February 16, 2010, 04:43:13 AM
There is some netsh ipv6 reset command, it's somewhere in all these Windows threads. I don't remember the command off hand.
You should be using the 10. address instead of the ipv4 endpoint, like the *NOTE* recommends when generating the example commands in the broker's webUI.
Okay, so I subsituted the 10. address (10.8.18.242) for my previous ipv4 endpoint address (193.190.253.14).
I entered the following command:
netsh interface ipv6 add v6v4tunnel interface=IP6Tunnel 10.8.18.242 216.66.84.46
But I get once again the same error:
"You were not connected because a duplicate name exists on the network. If joining a domain, go to System in Control Panel to change the computer name and try again. If joining a workgroup, choose another workgroup name."Quote from: cholzhauer on February 16, 2010, 05:09:41 AM
Just a reminder/FYI... Are you sure that the firewall you're behind is passing protocol41 traffic?
I have no idea whether this is the case. As you by now must have noticed, I'm new to this and still trying to figure a lot of this out.
If I had to guess, I'd say that the firewall of my router isn't blocking protocol41 traffic, because I could set up a proper tunnel with Hexago on Windows Vista.
Quote
I think I am, but I'm not 100% sure. I'm on a university network where everybody shares the same IP to the outside world.
If I had to guess, I would say proto/41 is being blocked "just because"
Hexago/Go6/GoGo6 does not use Proto/41..IIRC they tunnel over TCP.
As for your error, take a look at reply number 14 from jimb
http://www.tunnelbroker.net/forums/index.php?topic=780.0 (http://www.tunnelbroker.net/forums/index.php?topic=780.0)
That post of jimb helped me avoid the errors. I now have the connection set up, but its state is disconnected.
Here is the code of the command inputs and the interface state at the end.
C:\Windows\system32>netsh int ipv6 show interface
Idx Met MTU State Name
--- ---------- ---------- ------------ ---------------------------
1 50 4294967295 connected Loopback Pseudo-Interface 1
13 50 1500 disconnected Draadloze netwerkverbinding
12 50 1280 disconnected isatap.kotnet.kuleuven.ac.be
14 50 1280 disconnected isatap.kotnet.org
11 20 1500 connected LAN-verbinding
C:\Windows\system32>netsh interface ipv6 add v6v4tunnel interface=IP6Tunnel 10.8
.18.242 216.66.84.46
C:\Windows\system32>netsh int ipv6 show interface
Idx Met MTU State Name
--- ---------- ---------- ------------ ---------------------------
1 50 4294967295 connected Loopback Pseudo-Interface 1
13 50 1500 disconnected Draadloze netwerkverbinding
12 50 1280 disconnected isatap.kotnet.kuleuven.ac.be
14 50 1280 disconnected isatap.kotnet.org
11 20 1500 connected LAN-verbinding
16 50 1280 disconnected IP6Tunnel
C:\Windows\system32>netsh interface ipv6 add address interface=IP6Tunnel 2001:47
0:1f14:762::2
C:\Windows\system32>netsh interface ipv6 add route ::/0 interface=IP6Tunnel 2001
:470:1f14:762::1
Ok.
C:\Windows\system32>netsh int ipv6 show interface
Idx Met MTU State Name
--- ---------- ---------- ------------ ---------------------------
1 50 4294967295 connected Loopback Pseudo-Interface 1
13 50 1500 disconnected Draadloze netwerkverbinding
12 50 1280 disconnected isatap.kotnet.kuleuven.ac.be
14 50 1280 disconnected isatap.kotnet.org
11 20 1500 connected LAN-verbinding
16 50 1280 disconnected IP6Tunnel
Have you tried pinging something like ipv6.google.com?
Most firewalls/NAT devices won't allow proto-41 traffic in unless something inside generates outbound proto-41 traffic. Therefore the status will be 'disconnected' until some traffic is generated.
What are you using for your network firewall/NAT? If possible configure a protocol forward NAT entry on this device, forwarding any IP protocol 41 traffic arriving at the public IPv4 to your windows box's private IPv4.
Quote from: jimb on February 16, 2010, 09:11:42 AM
Have you tried pinging something like ipv6.google.com?
When I do this (ping ipv6.google.com) I get the following error:
"Ping request could not find host ipv6.google.com. Please check the name and try again."Quote from: jimb on February 16, 2010, 09:11:42 AMWhat are you using for your network firewall/NAT? If possible configure a protocol forward NAT entry on this device, forwarding any IP protocol 41 traffic arriving at the public IPv4 to your windows box's private IPv4.
On this machine, I have BitDefender Total Security 2010 as firewall. I have no access to any settings outside of my windows box, so I don't think I can set up such a forwarding of traffic.
Quote
"Ping request could not find host ipv6.google.com. Please check the name and try again."
Sounds like a DNS issue.
Does Bit Defender know what IPv6 is? If the firewalls don't know what IPv6 is, they normally discard it.
I go back to the protocol41 issue though, and Jimb also hinted at it. If you don't have rights to the firewall to look at the config to to change the config, you'll need to stick to Hexago or Sixxs.
Quote from: Insano on February 16, 2010, 10:11:02 AM
Quote from: jimb on February 16, 2010, 09:11:42 AM
Have you tried pinging something like ipv6.google.com?
When I do this (ping ipv6.google.com) I get the following error:
"Ping request could not find host ipv6.google.com. Please check the name and try again."
Hrm. Well you have even more problems. Apparently your DNS server doesn't return AAAA records, or filters them. You may want to point your win7 box to openDNS or google DNS or something like that.
In the meantime, try to ping the other side of the tunnel by IP: 2001:470:1f14:762::1
QuoteQuote from: jimb on February 16, 2010, 09:11:42 AMWhat are you using for your network firewall/NAT? If possible configure a protocol forward NAT entry on this device, forwarding any IP protocol 41 traffic arriving at the public IPv4 to your windows box's private IPv4.
On this machine, I have BitDefender Total Security 2010 as firewall. I have no access to any settings outside of my windows box, so I don't think I can set up such a forwarding of traffic.
Hrm. Third party firewalls which replace the built in windows firewall is asking for trouble when it comes to IPv6, in my experience. Some of them don't even support IPv6 period. You may want to disable the FW parts of the product and use the windows firewall and see if it works. Otherwise, if it supports IPv6, you'll probably have to go in there an add an exclusion, or some permit security policy entry for IP protocol 41 incoming from the HE tunnel server to your windows box.
I switched to Google DNS server and I keep getting the same error message when pinging ipv6.google.com. Besides that, I also get a "General failure" when pinging the other side of the tunnel.
This is with the third party firewall disabled as well.
It looks like this is the end of my journey, and I'll be resorting to Hexago or Sixxs instead.
Thanks for all the help, people!
FYI, if using an external resolver fails to look up ipv6.google.com, using another broker won't fix dns resolution errors. 8.8.8.8 definitely returns an answer for it btw:
:~$ dig aaaa ipv6.google.com @8.8.8.8
; <<>> DiG 9.6.1-P2 <<>> aaaa ipv6.google.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38829
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;ipv6.google.com. IN AAAA
;; ANSWER SECTION:
ipv6.google.com. 2180 IN CNAME ipv6.l.google.com.
ipv6.l.google.com. 233 IN AAAA 2001:4860:b006::68
ipv6.l.google.com. 233 IN AAAA 2001:4860:b006::63
ipv6.l.google.com. 233 IN AAAA 2001:4860:b006::69
ipv6.l.google.com. 233 IN AAAA 2001:4860:b006::93
ipv6.l.google.com. 233 IN AAAA 2001:4860:b006::6a
ipv6.l.google.com. 233 IN AAAA 2001:4860:b006::67
;; Query time: 25 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Feb 16 11:05:31 2010
;; MSG SIZE rcvd: 222