I have a static WAN6 IP configured (2008:a:a:a::1) and I have a remote machine (2008:a:a:a::2) that I want my LAN clients to access. I though default settings will take care of it, but that's not the case, the ping fails with (using standard Ubuntu 20 with Network Manager):
Destination unreachable: Address unreachable
What I have done:
- Took a brand new clean OpenWRT 19.07
- Using web GUI: Network->Interfaces->WAN6->Edit
2.2 IPv6 address:
And that's it. I'm able to ping
2008:a:a:a::2 directly from OpenWRT usign ssh terminal. But none of LAN or WLAN clients are able to ping that address.
Is there anything else I need to configure to enable NAT6?
IPv6 allows traffic forwarding without using NAT6:
OpenWrt firewall allows ICMPv6 forwarding by default:
Tried to add that
Dynamic prefix forwarding - didn't help.
After I enabled a setting Network->Interfaces->LAN->DHCP server->IPv6:
Always announce default router
and then renewing DHCP6 on the client, I can now see that ICMP6 packets are going to the target
2008:a:a:a::2, but no response are being sent. Because the source address is from LAN:
fd51:3551..., not WAN6
2008:a:a:a::1. Doesn't look like masquerade is enabled. Where is that setting to enable masquerade?
Running this command on OpenWRT enables masquerade and ping is now working from LAN:
ip6tables -t nat -A POSTROUTING -o eth0.2 -j MASQUERADE
But I wonder, is there a way to do this using web GUI?
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.