• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Two questions. 1. netsh and 2. tunnel and firewall

Started by Quill, September 18, 2009, 06:37:18 PM

Previous topic - Next topic


Hi, just getting up to speed with the basics of IPv6 and need a little help.

My configuration is pretty simple for testing. Windows 7 and Linux. Single PC as end point, no other requirements at this time. directly connected (no router). No native IPv6 :(


1. My IPv4 address changes frequently so the configuration settings need to be updated on the Windows 7 PC. Right now I have to run

netsh interface ipv6 IP6Tunnel delete interface IP6Tunnel

Before being able to reconfigure the endpoint with the new IP address. Is this the only way?

2. Does the tunnel require a two way connection through my firewall? Right now I have the firewall configured to allow Protocol 41 OUT and block Protocol 41 IN. Everything is working but I am getting numerous entries in the firewall logs pertaining to blocked inbound Protocol 41 traffic

Thanks for the help :)


AFAIK you need to delete/add the interface.  I don't see a way to use netsh to change the params on your tunnel int, unfortunately.  Easily scriptable though.

The firewall should be configured to allow proto 41 traffic from the remote router.  Since I've never used windows to do this, I'm not sure if the windows FW automagically adds policy entries to allow this or not.

If you manually added rules to allow outbound, but block inbound, and it still works, what's likely happening is that a connection table entry which allows inbound traffic from the remote router is being created.  But that entry probably times out when traffic stops for a while.  Then, if the other end initiates traffic, it'll drop it.  Probably the entries you're seeing.  You should have an entry allowing both outbound from your host to the remote router, and vica versa.



cool fixed it...vista's ip helper was stopping me from connecting