Fortigate and IPv6 RA
gavin.mccullagh at gcd.ie
Mon Jun 20 13:15:23 CEST 2011
On Mon, 20 Jun 2011, Ido Szargel wrote:
> I have been trying to configure a fortigate firewall running 4.0 MR2 for
> I configured the interfaces and policies and if I manually configure an
> address on a PC then I also have Ipv6 connectivity.
> Problem is that the fortigate is not sending any RAs even though it is
> configured to do so, did anyone encounter such issues?
> edit "internal"
> set vdom "root"
> set ip 192.168.1.254 255.255.255.0
> set allowaccess ping https ssh http
> set type physical
> config ipv6
> set ip6-address xxx:xxx:xxx:11::1/64
> set ip6-allowaccess ping https ssh http
> set ip6-other-flag enable
> config ip6-prefix-list
> edit xxx:xxx:xxx:11::/64
> set autonomous-flag enable
> set onlink-flag enable
> set preferred-life-time 3600
> set ip6-send-adv enable
A very similar config is working fine for us. I left the preferred life
time as default but it seems unlikely that would make much odds.
It's some time since I did this, but I don't recall any issues.
More information about the ipv6-ops