SixXS::Sunset 2017-06-06

Heartbeat/Fortigate
[fr] Shadow Hawkins on Wednesday, 28 April 2010 23:09:12
Hi all, does anybody has already made a connection with a fortigate, with the wan interface using pppoe (this interface is connected to my ISP, so it is getting a dynamic IP address). I got a sixxs tunnel, with address in 6in4 with heartbeat mode (i choosed this because the firewall is at the top of my network). I tried the doc in the wiki but it's not working. I tried lot of differents tricks, but i never was able to get it work. If someone did this, could it be possible to have a configuration example. Regards, Olivier Martin
Heartbeat/Fortigate
[ch] Jeroen Massar SixXS Staff on Tuesday, 04 May 2010 16:43:42
Unless somebody implemented Heartbeats on this Fortigate it won't work as the tunnel will not be active without proper heartbeats arriving at the PoP.
Heartbeat/Fortigate
[de] Shadow Hawkins on Saturday, 29 May 2010 17:45:04
I actually have a Tunnel running over a PPPoE Link (that gets a new IP daily). The only thing is that you need to run something on your LAN that does the Heartbeat (like a Unix stattion that runs that daemon). In essence you can follow the example on http://www.sixxs.net/wiki/Fortigate Some notes though: - I am using a current FortiOS 4.2 (Patch1) - in additon to the example i needed to specify the "carrier" Interface (off this, PPPoE runs && SIT Tunnel runs). After creating the "SIT Interface" change this Interface and add the underlying PHY.
config system interface edit "sixxs" set type tunnel config ipv6 set ip6-allowaccess ping end set interface "wan1" <-------!!!! next end
- If you use PPPoE and get Dynamic IPs assigned, you cannot specify a SRC-IP for yout SIT-Tunnel. So i have it on 0.0.0.0 config system sit-tunnel
edit "sixxs" set destination <POP v4 address> set ip6 <Your v6 address> set source 0.0.0.0 end
- I will push to get Heartbeat integrated into FortiOS, so that no external "Hearbeat Client" is needed. Earliest for this would be FortiOS 4.3 though.

Please note Posting is only allowed when you are logged in.

Static Sunset Edition of SixXS
©2001-2017 SixXS - IPv6 Deployment & Tunnel Broker