Enable IPv6 IP forwarding on Windows by default

  forwarding, ipv6, routes, windows, wireguard

I’m running Wireguard on a Windows server, connected to multiple peers.

Peer A <-> Server <-> Peer B

In order to allow peers to ping each other (Peer A wants to reach Peer B), IP routing/forwarding needs to be enabled.

This can be achieved quite easily for IPv4 by enabled IPEnableRouter in registry at HKEY_LOCAL_MACHINESystemCurrentControlSetServicesTcpipParameters

For IPv6, however, I was not able to find a global switch to enable IP forwarding. It is easily possible to enable it for a specific interface:

netsh interface ipv6 set interface 14 forwarding=enabled

However, this will not help as Wireguard deletes and recreates the interface, so the forwarding state is lost on every re-/disconnect.

One can also do Set-NetIPInterface -Forwarding Enabled via PowerShell and have all interfaces set to forwarding=enabled, but like the previous approach this will only cover existing interfaces.

So, is there an option to have IPv6 forwarding enabled "by default", i.e. for new interfaces?

On Linux, I would just have to do /proc/sys/net/ipv6/conf/all/forwarding=1 or /proc/sys/net/ipv6/conf/default/forwarding=1, so essentially I’m looking for a Windows equivalent to that.

Source: Windows Questions

LEAVE A COMMENT