Hello Forum!
I have a little challenge here.
TLTR: Translating WAN IPv6 to LAN IPv4.
I would like to make various services accessible via IPv4 and IPv6 from the WAN side.
Internally in the LAN and DMZ I would like to continue working only with IPv4.
-> I have several static IPv4 addresses from my ISP, which are also used for servers in the DMZ (web server in the DMZ + VPN)
-> I have several static IPv6 addresses from my ISP, which I would like to use for my servers
How can I configure Sophos to translate IPv6 addresses to IPv4?
I would like to make web servers in the DMZ accessible from outside via IPv6, but only assign IPv4 addresses internally.
The same with the VPN (SSL + Sophos Connect).
The problem, in Germany there is a bigger internet provider (let's call him Team Red - Every German knows the "club" -.-) which provides DS-Lite connections.
My users in the home office have problems to set up the VPN via IPv4 and should therefore use IPv6. (They like loose connection sometimes over IPv4)
So far I have already created rules in the IPv6 section of the firewall rules.
Here I defined that from WAN direction DMZ over the public address the services HTTP and HTTPS are allowed.
For VPN I have created a rule that allows everything from zone VPN and source SSLVPN + IPSEC to zone LAN and DMZ. This helps a little bit to establish a connection for the home office users. (At least that's how I feel)
But since my systems do not have IPv6 but only IPv4, I cannot select them as target.
Here in the forum, as well as on other websites this project is often described, but never a useful solution is given.
4 years ago it was said that Sophos could not do this.
How does it look today?
Is there a - for Sophos beginners - understandable step-by-step guide?
Have a XG 330 - SFOS 18.0.3 MR-3
This thread was automatically locked due to age.