IPv6 Tunnel Broker with Cyberoam

Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

I’m providing a simple guide below on how to configure IPv6 tunnelling to Hurricane Electronic tunnel broker on Cyberoam UTM appliance. Before start configure on Cyberoam UTM, you need to register an account here and then create a “Regular Tunnel” to start with.

Below is the screenshot of the tunnel creation, provide your Public IP into the “IPv4 Endpoint” box and select the Tunnel servers that near to your location for me, I choose Hong Kong or Tokyo for my connections

create regular tunnel 1

After creating the new tunnel, it will provide you the details of the IP addresses as below

he tunnel details

Now proceed to configure on Cyberoam UTM and you need to run command in CLI as at the moment GUI have no support on IPv6 yet. Before that do make sure Cyberoam firmware is using version 10.02.0473 or above. How to check firmware version? You can check the version number on the far left hand below the Cyberoam logo or at the system dashboard. If the firmware version is older than that, grab the firmware from here.

You can login to CLI via telnet or SSH, for me i’m connecting to SSH with Putty client that you can download from here. Once you connected to CLI, choose option 4 to enter console mode:-


Once you’re in console mode, type the following command

console> cyberoam ipv6 tunnel add tunnel-name henet remote-ip local-ip local-ip6 2001:470:23:6fe::2/64

to display the tunnel

console> cyberoam ipv6 tunnel show


Remoteip4  = Tunnel Broker server IPv4 address

Localip4 = your current public IP on your Cyberoam WAN interface

Localip6 = is the IPv6 address given by HE tunnel broker


After adding the tunnel, now add routing to route all IPv6 traffic to henet tunnel to do that fire the following command

console> cyberoam ipv6 route add ::/0 interface henet


Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

We are almost done now and you can ping to IPv6 address within Cyberoam CLI just type the following to test

console> ping6 2001:4860:4860::8888 

and you should be getting the result below means its already working.



Now you already have IPv6 connection from Cyberoam to tunnel broker but how about client sitting behind Cyberoam that still running on IPv4?

What you need to do is assign another set of IPv6 addresses to the client behind Cyberoam that HE have provided earlier based on the detail given under “Routed IPv6 Prefixes”. If you not required to create multiple segment you can just use the /64 prefix else you can request for /48 prefix. For this example we are using /64 prefix and we are going to define IPv6 address to LAN interface of Cyberoam. Still on console we fire the command below

console> cyberoam ipv6 interface PortA address add 2001:470:24:6fe::1/64



Next, set your notebook or pc with the any available addresses from the /64 prefix eg. below

IPv6 = 2001:470:24:6fe::100

Prefix = 64

Gateway = 2001:470:24:6fe::1

win-network setting

Once apply, you can test ping to any IPv6 address and you’re officially connected to IPv6 world

win ping6

You can also test from few website below on IPv6 connectivity.

1) Test IPv6 – http://test-ipv6.com/

2) IPv6 Test – http://ipv6-test.com/

3) Google IPv6 test page – http://ipv6test.google.com/

3 thoughts on “IPv6 Tunnel Broker with Cyberoam”

Leave a Reply

Your email address will not be published. Required fields are marked *