Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 19 replies
  • Subscribers 5 subscribers
  • Views 3882 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAN interface IPv6 address changing

Timotheus

I would like to set up an AAAA record for our WAN interface, so that it is reachable from the outside. But I notice that the IPv6 address is not static.

Our ISP (Deutsche Telekom) has given us a static IPv4 address and a static IPv6 prefix, but says that the changing address has to do with the configuration on our equipment.

What could be causing the address to change?

How can I make it permanent?



This thread was automatically locked due to age.
Parents
  • 0

    Hallo Timotheus,

    Please show a picture of the Edit of the Interface definition in the UTM.

    Would a fixed IP address on an internal device in your IPv6 subnet work for what you need to do?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hello Bob,

    Screenshot looks like this:

    The point is to advertise my mail server. I have used an A record for the IPv4 address. Recently a SMTP server rejected mails from us because it could not get a valid IPv6 address. So I assumed that I need a AAAA record for the same interface. If there is a better way of doing this I am interested to hear about it.

    I have been wondering about the automatic renumbering feature:

    Does this have anything to do with our issue?

     

    Best regards,

    Timotheus

  • 0 in reply to Timotheus

    I should have left off the line about thinking bigger. I was working on ideas about using IPv6 for various functions, but decided to keep this simple in order to get a solution to the specific issue.

  • 0 in reply to Timotheus

    My settings look the same with Deutsche Telekom too. I set up IPv6 not long ago for the same reason, but using it till now just outgoing.
    I will have to check if the address is changing, can’t say that now. But of course I would agree you need a static address for an AAAA record.

    Best regards 

    Alex 

    -

  • 0 in reply to Timotheus

    Yes, I would use an Additional Address, Timotheus.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    This morning another option occurred to me. Perhaps I should configure the UTM WAN interface to use a static IP.

    I have a rule in my head that says PPPOE should never be set to Static PPPOE. But I cannot remember when I learned that. It could easily be provider specific and outdated. 

    Does anybody see any reason not to select "Static PPPOE"?

    Regards,

    Timotheus

  • 0 in reply to Alexander Busch

    Hello Alex,

    Thanks for providing your experience.

    What do you see, is your address changing?

    Do you have the check box for Static PPPOE IP set?

     

    Regards,

    Timotheus

  • 0 in reply to Timotheus

    Hi, 

    after having a look in the IPv6 Log file I can confirm, my IPv6 address is changing too. My settings are identical to yours.
    So thank you for giving that hint. But unfortunately I don't have a solution, either wasn't aware of that problem.

    Best regards

    Alex

    -

  • 0 in reply to Alexander Busch

    Sounds like it's time to get Sophos Support involved.  Please let us know the solution.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to Timotheus

    Hello Alex/Timotheus,

    Have any of you had the chance to open a case with Support if so, please let me know the Case ID so I can follow up.

    Regards,

     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • 0 in reply to Alexander Busch

    I am not convinced that this is a mistake. So before opening a case I need to be more convinced.
    The provider may be routing that customer network to the public address. So a change of the public address might not be a problem.
    Enclosed is an excerpt of the provider's details:

    Does this make any sense?

    Best regards

    Alex

    -

  • 0 in reply to Alexander Busch

    Good morning Alex,

    I tend to agree that it does not look like a UTM error. It is more of a matter of knowing how to configure it.

    It would be nice to know in advance what the "Static PPPOE IP:" on the under the WAN interface settings does and if that is meant for a situation like ours.

    I am hesitant to try experiments.

    Best regards,

    Timotheus

Reply
  • 0 in reply to Alexander Busch

    Good morning Alex,

    I tend to agree that it does not look like a UTM error. It is more of a matter of knowing how to configure it.

    It would be nice to know in advance what the "Static PPPOE IP:" on the under the WAN interface settings does and if that is meant for a situation like ours.

    I am hesitant to try experiments.

    Best regards,

    Timotheus

Children
  • 0 in reply to Timotheus

    I decided to go ahead and select the "Static PPPOE IP" option. It has been more than 24 hours since I did this and things are running smoothly.

  • 0 in reply to Timotheus

    Ok, may I ask which IPV6 address you put in the corresponding field of the interface? Like in my screenshot above DTAG gives only a subnet not a specific address.

    BR

    -

  • 0 in reply to Alexander Busch

    Hello Alex,

    When I clicked the 'Static PPPOE IP Address' box it displayed the v4 and v6 address that the WAN interface was currently using. I just accepted those.

    I talked to a Telekom technician before I raised this issue here and he told me that the changing IPv6 address was because of our configuration not theirs. I am wondering if the UTM was choosing a new address every day. It would be very nice if somebody from Sophos would comment on this and tell us how it is meant to work.

     

    Regards,

    Timotheus

  • 0 in reply to Timotheus

    It has been more than two weeks since I made this change and I have detected no negative effects. 

    Before I did this I was having occasional problems with the WAN interface not reconnecting when it disconnected once a day. That seems to be better now too.

    My thanks to Alex and Bob who helped me search for a solution on this. 

     

    If any problems show up I will post them here, but for now I am regarding this issue as resolved.

  • 0 in reply to Timotheus

    Inspired by Timotheus, I changed that setting at my location too. I can confirm stable connection and IP4/6 too. It seems that static setting fits well for Deutsche Telekom Deutschland LAN VDSL with static IP.

    Best regards 

    Alex 

    -

Unfiltered HTML