Sophos XG is not accepting my IPv6 config while all other devices including Windows and Linux Hosts accepts.
i get error "You cannot enter a network IP for Gateway IP"my ISP assigned config as below
Hi Khuram Raza,
Thank you for reaching out to the Community!
You should configure the interface IP address from the Usable IP address range. If you use the network address as an interface address, you will get an error "You cannot enter a network IP for IP address."
In your case, the IP address 2401:0000:4000:0000:0000:0000:0000:0510 is the network address. If you use IP address 2401:0000:4000:0000:0000:0000:0000:0511, it will work.
Community Support Engineer, Support & Services | Sophos Technical SupportSupport Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts If a post solves your question use the 'Verify Answer' button.
what address range did they give you for your internal networks? Normally you would assigned at least a /56 or at the very minimum a /64 but that would be strange.
gateway is 2401:0:4000::510 and its accepted on all other OSs (Windows / Linux) working fine on pfsense / opnsense as well.
not sure why sophos is showing me error below
wired, but its seems to be working everywhere other than sophos xg
Hi Khuram Raze,
The current version of XG requires a NAT on your IPv6 firewall rules, so you can use any IPv6 address range internally at this stage.
but that wont solve the purpose. i just tested on pfsense, works smooth. dont know whats wrong with sophos.
I don’t think it works in IP4 networks and from memory it doesn’t work on Cisco asa. None of the isps I have used over the years provided a network address as a gateway, they were /32 or /128 even on business networks.
I suspect you are confusing your device’s address with the gateway address. please post your pfsense network screen shot.
As mentioned by H_Patel, you can't use the Network IP for IP address. However you can use 511.
Also in the XG you would need to enter it this way.
Copy and paste from here and you should be ok.
not possible as 513 is another host in network
gateway must be 510 as others are working with this config screen is below
510 is the broadcast address for the network range you have been allocated.