IPv6 VRRPv3 Reboot Loop

BATNYAM137000 · ‎2026-02-16

When I configure VRRP with IPv6, the gateway ends up in a reboot loop.

If I enable IPv6, there is no reboot issue.
If I configure IPv6 VRRPv3, there is no problem initially, but after applying the configuration and then rebooting, it fails to come up properly and gets stuck in a reboot loop.

Has anyone else experienced the same issue?The gateway OS version is R82.

_Val_ · ‎2026-02-16

Hi, for IPv6 VRRP, it is necessary to configure either an IPv6 link-local address or a global unicast address as the VIP (Virtual IP). Verify that this is the case and confirm that your VIP belongs to the same subnet as the local IPs.

If this is the case, and you are still experiencing the issue, please open a TAC case: https://help.checkpoint.com

BATNYAM137000 · ‎2026-02-16

Thank you for your reply.

Link-local addresses and global unicast addresses are configured in the same subnet as each interface and set as the VIP.

However, when I apply the configuration, the device goes into a reboot loop.

It seems that even when I ask TAC, they are unable to reproduce the same issue.

the_rock · ‎2026-02-16

Hey @BATNYAM137000

Mind send the exact steps you followed? I can try reproduce in the lab and see what happens.

Best,
Andy
"Have a great day and if its not, change it"

BATNYAM137000 · ‎2026-02-20

following this procedure and sharing the config and Topology.

IPv6 VRRP was configured without any issues. The Master and Backup were switching correctly.
However, after configuring IPv6 VRRP, the system enters a continuous reboot loop upon restarting.

Gateway R82 Jumbo Hotfix Take 60

https://sc1.checkpoint.com/documents/R82/WebAdminGuides/EN/CP_R82_Gaia_Advanced_Routing_AdminGuide/C...

the_rock · ‎2026-02-22

Here is what I found for ipv6 in jumbo 73, mind you, none of these seem really related to your issue, but maybe worth installing the take.

Take 73 - Improvements and Resolved Issues
PRJ-60845, PRHF-39251	SecureXL	In some scenarios, the Security Gateway may crash when IoC feed contains an IPv6 address.
PRJ-58822, AAD-3662	VPN	IPv6 Site-2-Site connectivity may not be stable in Enhanced Link Selection configuration on ClusterXL environments.
PRJ-59231, AAD-4299	VPN	IPv6 traffic outage in Enhanced Link Selection configuration after tunnel deletion on one side during tunnel renegotiation.
PRJ-64123, PMTR-120049	Scalable Platforms	In an ElasticXL Cluster in the VSNext Mode, it is not possible to configure more than 32 CoreXL IPv4 / IPv6 Firewall instances in a Virtual Gateway in the CLI. The Gaia gClish command "set vsnext corexl-instances virtual-gateway ID ipv4-instances Value" fails with the "CLINFR0409 Invalid number: Value. Not in range 1..32." error.

Best,
Andy
"Have a great day and if its not, change it"

BATNYAM137000 · ‎2026-02-23

@the_rock

The issue mentioned above does not apply.
I am not using an IoC feed and VPN.

also not Scalable Platforms.

the_rock · ‎2026-02-23

Fair enough, just wanted to confirm.

Best,
Andy
"Have a great day and if its not, change it"

BATNYAM137000 · ‎2026-02-23

If anyone has successfully set this up, I would appreciate it if you could let me know.

Are you a member of CheckMates?

IPv6 VRRPv3 Reboot Loop