Thread Info
  • Replies 23 replies
  • Subscribers 6 subscribers
  • Views 36695 views
  • Users 0 members are here
Options
Suggested

BUG: IPv6 Prefix Delegation over PPPoE broken

Ben

reported this in 9.3 aswell,

when setting up WAN Connection over PPPoE the sophos is unable to get a prefix delegated to use for IPv6. 

other routers i tested are able to get a /48 IPv6 Prefix with the same connection.

Parents
  • I haven't tested 9.4 yet, but I assume Ben has done some testing already. His ISP seems to have a similar setup as mine.
    My native /48 IPv6 isn't working either on 9.3, and allegedly also on 9.4. (Need to verify that, soon.)

    My ISP is XS4ALL fiber connection. They are using PPPoE, and VLAN's.
    For some reason VLAN isn't working over PPPoE, so I stip my VLAN via a managed switch first. Apparently you can only have ethernet with VLAN, or vDSL PPPoE with VLAN's (In which case you won't get a connection because it isn't vDSL), according to Sophos's webinterface anyway.

    Opened a support case at Sophos, but nothing useful or working from that.
    So +1 to get this fixed.
Reply
  • I haven't tested 9.4 yet, but I assume Ben has done some testing already. His ISP seems to have a similar setup as mine.
    My native /48 IPv6 isn't working either on 9.3, and allegedly also on 9.4. (Need to verify that, soon.)

    My ISP is XS4ALL fiber connection. They are using PPPoE, and VLAN's.
    For some reason VLAN isn't working over PPPoE, so I stip my VLAN via a managed switch first. Apparently you can only have ethernet with VLAN, or vDSL PPPoE with VLAN's (In which case you won't get a connection because it isn't vDSL), according to Sophos's webinterface anyway.

    Opened a support case at Sophos, but nothing useful or working from that.
    So +1 to get this fixed.
Children
  • in reply to SanderRutten
    Sander Rutten: the best fix right now without Sophos is to put a Mikrotik Router in front of the sophos to do the PPPoE and handle the IPv6 Delegation. You can than offer the sophos a part of that /48. This setup works, but this double NAT and having extra hardware is bananas. Sophos has been ignoring this problem. I opened a case through our partner for this almost a year ago and last i heard back is that they (sophos) haven't provided any update on it.

    ---

    Sophos UTM 9.3 Certified Engineer

  • in reply to SanderRutten
    I have the same setup using KPN. The are using exactly the same setup.
    My VMware server strips the vlan tag. But I guess this should not make any difference. Tagged or untagged, the prefix delegation request should be the same.
Unfiltered HTML