Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 19 replies
  • Subscribers 5 subscribers
  • Views 3842 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAN interface IPv6 address changing

Timotheus

I would like to set up an AAAA record for our WAN interface, so that it is reachable from the outside. But I notice that the IPv6 address is not static.

Our ISP (Deutsche Telekom) has given us a static IPv4 address and a static IPv6 prefix, but says that the changing address has to do with the configuration on our equipment.

What could be causing the address to change?

How can I make it permanent?



This thread was automatically locked due to age.
  • 0

    Hallo Timotheus,

    Please show a picture of the Edit of the Interface definition in the UTM.

    Would a fixed IP address on an internal device in your IPv6 subnet work for what you need to do?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hello Bob,

    Screenshot looks like this:

    The point is to advertise my mail server. I have used an A record for the IPv4 address. Recently a SMTP server rejected mails from us because it could not get a valid IPv6 address. So I assumed that I need a AAAA record for the same interface. If there is a better way of doing this I am interested to hear about it.

    I have been wondering about the automatic renumbering feature:

    Does this have anything to do with our issue?

     

    Best regards,

    Timotheus

  • 0 in reply to Timotheus

    I'm far from being a guru on IPv6, Timotheus, but I think you might want the fixed IPv6 IP on your mail server.  Your ISP should route that to your public IPv6 address and the UTM should know to send the traffic to the mail server.  Are you using the SMTP Proxy?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hello Bob,

    This really got me thinking, but the problem just gets bigger.

    I am using Email Protection, so the WAN address is actually the mail server address.

    Right now I just need external SMTP servers to be able to do a helo to a AAAA record (mail.example.com) and get a valid answer.

    Would an "additional address" on the WAN interface be sufficient?

  • 0 in reply to Timotheus

    I should have left off the line about thinking bigger. I was working on ideas about using IPv6 for various functions, but decided to keep this simple in order to get a solution to the specific issue.

  • 0 in reply to Timotheus

    My settings look the same with Deutsche Telekom too. I set up IPv6 not long ago for the same reason, but using it till now just outgoing.
    I will have to check if the address is changing, can’t say that now. But of course I would agree you need a static address for an AAAA record.

    Best regards 

    Alex 

    -

  • 0 in reply to Timotheus

    Yes, I would use an Additional Address, Timotheus.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    This morning another option occurred to me. Perhaps I should configure the UTM WAN interface to use a static IP.

    I have a rule in my head that says PPPOE should never be set to Static PPPOE. But I cannot remember when I learned that. It could easily be provider specific and outdated. 

    Does anybody see any reason not to select "Static PPPOE"?

    Regards,

    Timotheus

  • 0 in reply to Alexander Busch

    Hello Alex,

    Thanks for providing your experience.

    What do you see, is your address changing?

    Do you have the check box for Static PPPOE IP set?

     

    Regards,

    Timotheus

  • 0 in reply to Timotheus

    Hi, 

    after having a look in the IPv6 Log file I can confirm, my IPv6 address is changing too. My settings are identical to yours.
    So thank you for giving that hint. But unfortunately I don't have a solution, either wasn't aware of that problem.

    Best regards

    Alex

    -

Unfiltered HTML