Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Tunnelbroker config for UniFi Security Gateway

UniFi Tunnelbroker Configuration

This GitHub Gist details the manual configuration needed on a UniFi controller to enable IPv6 tunneling with Hurricane Electric's Tunnelbroker service.

Setup

This is what works for me personally. Stuff you'll need to do to adapt this to your ends:

  • Replace "local-ip" with your USG's public IPv4 address.
  • Replace "remote-ip" with the address of your Tunnelbroker tunnel server.
  • Replace "address" with the IPv6 address that your are allocated.

Installation

Follow these instructions and drop your config.gateway.json file in the correct location eg. /usr/lib/unifi/data/sites/$NAME/.

{
"interfaces": {
"tunnel": {
"tun0": {
"address": [
"YOUR-ALLOCATED-IPV6-PREFIX-FROM-TUNNELBROKER"
],
"description": "Tunnelbroker IPv6 Tunnel",
"encapsulation": "sit",
"firewall": {
"in": {
"ipv6-name": "WANv6_IN"
},
"local": {
"ipv6-name": "WANv6_LOCAL"
},
"out": {
"ipv6-name": "WANv6_OUT"
}
},
"local-ip": "YOUR-ROUTER-PUBLIC-IPV4-ADDRESS",
"multicast": "disable",
"remote-ip": "YOUR-TUNNELBROKER-REMOTE-IPV4-ADDRESS",
"ttl": "255"
}
}
},
"protocols": {
"static": {
"interface-route6": {
"::/0": {
"next-hop-interface": {
"tun0": "''"
}
}
}
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment