• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

DrayTek 2820 + pfsense + IPv6

Started by hecert, October 18, 2014, 07:31:16 AM

Previous topic - Next topic

hecert

Hi All

Currently I have a DrayTek 2820vn ADSL router, this router doesn't support IPv6 at all. I want to build myself a new pfsense firewall which does support IPv6. What I was going to do was connect one of the DrayTeks LAN ports to the WAN port of the pfsense firewall (ie: the pfsense box will be behind the DrayTek router). This is so that I can continue using the ADSL modem on the DrayTek (the pfsense box won't have an ADSL modem nor do I want to buy one). I was then going to enable the "DMZ host" feature on the DrayTek and point it to the IP address on the WAN port of the pfsense box.

Would this work ok with IPv6? From what I understand if I enable the DMZ host on the DrayTek then it'll pass ALL traffic (including protocol 41 I assume) from the internet to the designated IP address on the WAN of the pfsense box.

If this does work then I assume I can use the pfsense firewall rules to restrict who can and can't connect to what on the IPv6 addresses on my LAN?

Thanks all!

cholzhauer

I assume you mean the DrayTek won't host a tunnel (I have no idea, I'll take your word for it)

As long as your ISP is NOT blocking Proto41 AND as long as the DrayTek will pass all traffic, then yes, this will work.

hecert

Quote from: cholzhauer on October 18, 2014, 03:24:13 PM
I assume you mean the DrayTek won't host a tunnel (I have no idea, I'll take your word for it)

As long as your ISP is NOT blocking Proto41 AND as long as the DrayTek will pass all traffic, then yes, this will work.

After reading some more online what I mentioned in my first post is a bad idea due to double NAT.

Firstly, to answer your question, the ISP does not block anything so I am all good on the protocol 41 side of things.

What I think I'll be doing is turning my DrayTek 2820 into a "dumb" ADSL modem by enabling PPPoE pass through. I'll then be connecting the DrayTek to the WAN interface of the pfsense firewall and configuring the PPPoE client on the firewall with the ISP login credentials.

Taking all this into account, can I still use IPv6 considering the DrayTek doesn't support IPv6 at all (and bearing in mind it'll just be used as a ADSL modem) and can I use the HE tunnel service for this with my pfsense firewall?

cholzhauer