I'm not sure that there is a current post on this, but I am experiencing an IPv6 issue. I currently have COMCAST as an ISP and finally learned how to set up Native IPv6 with Sophos UTM. I am now receiving the IPv6 address from the COMCAST provided DHCP to all my internal devices without the use of the tunnel.
The issue: Every hour or so, I could not connect to SSL sites like Google, Google Plus, Facebook, Twitter for example. I disabled the Web Filtering and everything now works fine. I turn the Web Filtering on and after about an hour, the anamoly starts again. So I was convinced that the Web Filter is the issue. I then changed the setting from URL Filtering only to Do Not Scan under the HTTPS (SSL) Traffic option in the Global Web Filtering tab. The websites worked perfectly as I can do a full IPv6 test over the internet. However, now there is no web filtering (compromise) so I reverted to the original settings as I am determined that Web Filtering is not the issue.
I checked the IPv6 log and noticed that the Preferred Lifetime I set in the IPv6 Prefix on the UTM does not agree with the IPv6 Preferred Lifetime with COMCAST. I'm using a D-Link Router 865-L and is using IPv6 DHCP SLAAC and Stateless in the Autoconfiguration type from COMCAST. I have no idea what their Preferred Lifetime is, but I know the Valid Lifetime is 1 day as I do not see the radvd messages in the IPv6 log on the UTM.
2014:11:27-12:49:42 HBPS-UTM radvd[1524]: our AdvPreferredLifetime on eth0 for 2601:a:6580:630:: doesn't agree with fe80::9294:e4ff:fefc:b219
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
