On the IPv6 > 6to4 tab you can configure your Sophos UTM on AWS to automatically tunnel IPv6 addresses over an existing IPv4 network. With 6to4, every IPv4 address has a /48 prefix from the IPv6 network to which it is mapped. The resulting IPv6 address consists of the prefix 2002 and the IPv4 address in hexadecimal notation.

Note – You can either have 6to4 enabled or Tunnel Broker.

To enable IP address tunneling for a certain interface, do the following:

  1. On the 6to4 tab, enable 6to4.

    Click the toggle switch.

    The toggle switch turns amber and the 6to4 area and the Advanced area become editable.

  2. Select an interface.

    Select an interface from the Interface drop-down list which has a public IPv6 address configured.

  3. Click Apply.

    Your settings will be saved.

    The toggle switch turns green and the interface status is displayed on the Global tab.


You can change the Server address to use a different 6to4 relay server. For that, enter a new server address and click Apply to save your settings.