Guest User!

You are not Sophos Staff.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to translate ipv4 to ipv6

I have an ipv4 camera in my local lan (sadly doesnt support ipv6). Sophos Xg  has ipv6 wan.

How can i access my camera with ipv4 over the internet?

Thanks for help.



This thread was automatically locked due to age.
  • Unusual to only get an external IPv6, most ISPs provide both.

    You do a dnat to translate from the external interface to the internal face changing to your camera's IP4 address.

  • Hi Mario,

    Go to Network> Interfaces> IP tunnel. Here, you will find various options like:

    •  6in4 Tunnel: It is commonly referred as Manual Tunnel and used for IPv6 to IPv6 communication over IPv4 backbone. The source 
       and destination IPv4 addresses must be manually configured. It is recommended for point-to-point communication.
     
    •  6to4 Tunnel: It is commonly referred to as Automatic Tunnel and used for IPv6 to IPv6 communication over IPv4 backbone. The destination 
       IPv4 address of the tunnel can be automatically acquired, but the source address needs to be provided manually. It is recommended for 
       point-to-multi point communication.
    •  6rd Tunnel: It is used for IPv6 to IPv6 communication over IPv4 backbone. The 6RD tunnel is an extension of the 6to4 Automatic Tunnel. 
       The tunnel can be established by pre-defined ISP provided prefix.
    •  4in6 Tunnel:It is used for IPv4 to IPv4 communication over IPv6 backbone, the source and destination IPv6 addresses must be manually 
       configured. It is recommended for point-to-point communication. 
     
    Any help with that?
  • yes i have a dual stack lite tunnel from my isp. so only a public ipv6 address.

    you mean a firewall business Application rule foe dnat?

    i tried it to map ipv6 wan ip to ipv4 but it doesnt work...

  • yes i saw that but i have only a public ipv6 and camera has only a local ipv4.

    4 in 6 tunnel could be right for that?

  • I am confused as to why he would even need to consider any form of tunneling, he has an IPv6 address appearing on his external interface?

    A dnat rule IPv6 on the external interface to the internal interface changed to point at the camera without changing the port.

    IPv6 and IP4 are only transport for the port so a NAT should work perfectly okay?

    My thoughts anyway for what they are worth?

     

    Updated - removed double entry word.

  • you mean dnat as a firewall business Application rule? ipv4 or ipv6 side?

  • this doesnt work with dnat rule, internally over ipv4 it works, i want to use sophos wan ip to get access to my cam with port 8001.

  • It won't, that is entirely internal rule. Setup a business rule using the dnat template, the source needs to be your external IPv6 interface, then your internal interface, that translates to your camera putting the port in the source only.

    I don't have IPv6 on the XG, because the XG does not handle native IPv6 or sixxs tunnels.

  • When i add an ipv6 rule i can only add ipv6 ips, local and wan, but i have to mix source ipv6 wan and target ipv4 camera ip.

  • I just tried to convince my XG to use the native IPv6 link, but still does not work. UTM works without an issue. Sorry, I can't take testing much further on the XG.