Unable to establish Ipv6 connectivity

[senural]

Hello everyone,
I'm new here and started doing the Hurricane Electric IPv6 Certification. I'm stuck at Explorer level as I couldn't get the ipv6 connectivity setup properly. I'm trying to set it up in windows 10 and below is the steps I followed and my current configuration.

Tunnel Details :
IPv6 Tunnel Endpoints
      Server IPv4 Address:216.66.80.26
      Server IPv6 Address:2001:470:1f08:4d6::1/64
      Client IPv4 Address:112.xxx.xxx.xxx
      Client IPv6 Address:2001:470:1f08:4d6::2/64
Routed IPv6 Prefixes
      Routed /64:2001:470:1f09:4d6::/64


Configuration Added :
netsh interface teredo set state disabled
netsh interface ipv6 add v6v4tunnel interface=IP6Tunnel localaddress=192.xxx.x.xxx remoteaddress=216.66.80.26
netsh interface ipv6 add address interface=IP6Tunnel address=2001:470:1f08:4d6::2
netsh interface ipv6 add route prefix=::/0 interface=IP6Tunnel nexthop=2001:470:1f08:4d6::1


ipconfig Output :
Windows IP Configuration

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::9e6:1ddb:ca16:809b%6
   IPv4 Address. . . . . . . . . . . : 192.xxx.x.xxx
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.xxx.x.x

Tunnel adapter IP6Tunnel:

   Connection-specific DNS Suffix  . :
   IPv6 Address. . . . . . . . . . . : 2001:470:1f08:4d6::2
   Link-local IPv6 Address . . . . . : fe80::c169:2e80:1d77:1e59%9
   Default Gateway . . . . . . . . . : 2001:470:1f08:4d6::1

I'm behind a TP link router and I don't think it blocks anything. I can't ping the ipv6 server gateway but I can ping the ipv4  server gateway. I have looked in so many posts and tried different things before posting here. I can't figure out what the issue is. Please help. Thanks a lot in advance.

[cholzhauer]

Sounds like protocol 41 might be an issue...does your ISP block it?

You can run wireshark to see if you're getting any incoming packets.

[divad27182]

Well, I would think the following two lines are suspect:

netsh interface ipv6 add v6v4tunnel interface=IP6Tunnel localaddress=192.xxx.x.xxx remoteaddress=216.66.80.26

   IPv4 Address. . . . . . . . . . . : 192.xxx.x.xxx

While I don't know the full details of 6in4, I'm not sure how well it will work through the NAT firewall. 

You might try seeing if you can configure the tunnel directly on the TP Link router.
You might try securing your windows box and plugging it straight into the internet connection.  (This might at least let you get to the next step...)
you might try putting your 112.xxx.xxx.xxx address in the localaddress= value. [guessing]

--David G

(I stayed stuck at Explorer for 2 years on this issue.  Then I tried 6to4 and was Sage within two days. :) )

Edit: strike wrong suggestion.

[cholzhauer]

While I don't know the full details of 6in4, I'm not sure how well it will work through the NAT firewall. 

6in4 has no issue with NAT as long as the router knows what's going on and is able to pass the traffic without bothering it.

You might try seeing if you can configure the tunnel directly on the TP Link router.

You are correct that it would be easier to host the tunnel on the router, but older routers and cheaper routers don't normally have this option.

you might try putting your 112.xxx.xxx.xxx address in the localaddress= value. [guessing]

That'll make things worse, the 192.x is appropriate here.

[divad27182]

While I don't know the full details of 6in4, I'm not sure how well it will work through the NAT firewall. 

6in4 has no issue with NAT as long as the router knows what's going on and is able to pass the traffic without bothering it.

In which case, an obvious suggestion is: you might try putting the windows machine in the DMZ.

you might try putting your 112.xxx.xxx.xxx address in the localaddress= value. [guessing]

That'll make things worse, the 192.x is appropriate here.

I guess that means it is a bind address.  I found that omitting it on my Linux box did not affect functionality.

[cholzhauer]

In which case, an obvious suggestion is: you might try putting the windows machine in the DMZ.

You make a good point.  On some routers this works, on some it doesn't.  Best way to find out is to just try.

[senural]

Sounds like protocol 41 might be an issue...does your ISP block it?
You can run wireshark to see if you're getting any incoming packets.

So I ran a wireshark and all the packets with ipv6 addresses I saw are dns queries. so you might be correct that the issue being on the ISP side. but I have been informed it isn't. I'll double check to confirm.

You might try seeing if you can configure the tunnel directly on the TP Link router.

6in4 has no issue with NAT as long as the router knows what's going on and is able to pass the traffic without bothering it.

In which case, an obvious suggestion is: you might try putting the windows machine in the DMZ.

Thank you for all these inputs. I tried putting the machine in the DMZ. no luck so far. besides my router is not a high-end one. I'll first make sure that the ISP side is in the clear. then I can find a way to configure the tunnel on the router.
I'll update soon. Thanks a lot again.  :)