IPv6 Delegated Prefix/Configuration Issue

Hi All.  Hopefully i can get an answer here after hours of googling.

I am running UTM firmware 9.7.  My IPv4 network is running perfectly-ish.  My setup is as follows

internet -> UTM -> Internal (LAN) -> WAP/SWITCH(Netgear R7000 in AP Mode) -> Many Hosts

                        -> Internal (DMZ) -> Down(Not Configured yet)

 

I am running UTM in vmware esxi with a Ubuntu Server VM connected to LAN vSwitch

All of the above is working correctly.

 

-- What I am trying to do is get IPv6 running on my network.  I am perfectly fine just using SLAAC or DHCP6 if required.  I just want to get it up and running to avoid NAT issues on Xbox.  Port forwarding works great for most functionality but Xbox One seems to prefer IPv6 to get NAT type OPEN for party chats and online games.

 

I get my IPv6 address /128 from my ISP with the IPv6 default gateway on my WAN interface.  I was trying to follow this guide specifically the post by :

https://community.sophos.com/products/unified-threat-management/f/hardware-installation-up2date-licensing/29902/enabling-ipv6

I end up stuck at Interface & Routing -> IPv6 -> Global.

- I don't get my delegated prefix.  Comcast gives /64 from what I have found online.

Using the instructions in this post specifically the post by :

https://community.sophos.com/products/unified-threat-management/f/management-networking-logging-and-reporting/10857/ipv6-dhcp-delegated-prefix-issue

I used shell access to read the ip address in my firewall and found what looks like it may be the delegated prefix on my WAN( /64 ) see below:

    inet6 ####:####:####:####:####:####:####:fb7a/128 scope global
       valid_lft forever preferred_lft forever
    inet6 ####::####:####:####:680e/64 scope link

 

Question 1.  Is the above "scope link" my delegated prefix?

 

Assuming it is....after adding it to my LAN Interface according to

Interfaces & Routing -> IPv6 -> Prefix Advertisement ... and add the prefix for the LAN interface.

This is where i get lost.  When I click new prefix the form needs an interface which is obviously my internal (LAN).

The rest of the information is a loss for me. 

 

Question 2. Should I just add ipv6 forward dns servers here?

Question 3. Valid and Preferred lifetime, Should I match that with forever in my global scope?

Question 4. DHCPv6 Stateless Integrated server ---> Is having this boxed checked for SLAAC?

 

Thanks in advance for any help.