Configuring the 6to4 Auto Tunnel

The 6to4 Auto Tunnel is an automatic tunnel: tunnel endpoints are extracted from the encapsulated IPv6 datagram. No manual configuration is necessary.

6to4 tunnels use a prefix of the form “2002:tunnel-IPv4-address::/48” to tunnel IPv6 traffic over IPv4. (for example, if the tunnel’s IPv4 endpoint has the address a01:203, the 6to4 tunnel prefix is “2002:a01:203::1.”) Routers advertise a prefix of the form “2002:[IPv4]:xxxx/64” to IPv6 clients. For complete information, see RFC 3056.

The following diagram shows a sample 6to4 auto tunnel topology.

Sample 6to4 Auto Tunnel Configuration

In the example, customers do not need to specify the tunnel endpoint, but only need to enable the 6to4 auto tunnel. All packets with a 2002 prefix will be routed to the tunnel, and the tunnel's IPv4 destination will be extract from the destination IPv6 address.

6to4 tunnels are easy to configure and use. Users must have a global IPv4 address and IPv6 address, which must also have a 2002 prefix. Therefore, in general, user can only access network resource with a 2002 prefix.

NOTE: Only one 6to4 auto tunnel can be configured on the firewall.

To configure the 6to4 tunnel on the firewall:

Navigate to the Network > Interfaces page.

Click the Add Interface button.

Select the Zone for the 6to4 tunnel interface. This is typically the WAN interface.

In the Tunnel Type drop-down menu, select 6to4 Auto Tunnel Interface.

By default, the interface Name is set to 6to4AutoTun.

Select the Enable IPv6 6to4 Tunnel check box.

Optionally, you can configure Management login or User Login over the 6to4 tunnel.

Click OK.