Fortigate and IPv6 RA

Gavin McCullagh gavin.mccullagh at gcd.ie
Mon Jun 20 13:15:23 CEST 2011


Hi,

On Mon, 20 Jun 2011, Ido Szargel wrote:

> I have been trying to configure a fortigate firewall running 4.0 MR2 for
> IPv6
> I configured the interfaces and policies and if I manually configure an
> address on a PC then I also have Ipv6 connectivity.
> Problem is that the fortigate is not sending any RAs even though it is
> configured to do so, did anyone encounter such issues?

>    edit "internal"
>         set vdom "root"
>         set ip 192.168.1.254 255.255.255.0
>         set allowaccess ping https ssh http
>         set type physical
>             config ipv6
>                 set ip6-address xxx:xxx:xxx:11::1/64
>                 set ip6-allowaccess ping https ssh http
>                 set ip6-other-flag enable
>                     config ip6-prefix-list
>                         edit xxx:xxx:xxx:11::/64
>                             set autonomous-flag enable
>                             set onlink-flag enable
>                             set preferred-life-time 3600
>                         next
>                     end
>                 set ip6-send-adv enable
>             end
>     next

A very similar config is working fine for us.  I left the preferred life
time as default but it seems unlikely that would make much odds.

It's some time since I did this, but I don't recall any issues.

Gavin



More information about the ipv6-ops mailing list