I am using OPNSense ver 25.7 and Unifi 500 Mbps package.

I believe this is the most up-to-date version of setting up the OPNSense for TM Unifi's IPv6.

Assumption:
You already have a working PPPoE WAN. If not, use OPNSense wizard to assist you to setup the PPPoE WAN.
Your Interface naming might be different from mine. But I hope your understand which interface is meant for WAN and LAN.
If you have setup a bridge for bridging your device ethernet ports traffic like switch, your LAN interface should be your bridge
If your OPNSense device only have 2 ethernet ports setup, then skip Step 2.

Step 1:
In Interface -> WAN -> IPv6 Configuration, select DHCPv6

Same page, Interface -> WAN -> DHCPv6 client configuration portion.
Set Configuration Mode: Basic.
Prefix delegation size: 64.
Tick Request prefix only checkbox.
Tick Send prefix hint checkbox.
Leave both Optional prefix ID and Optional interface ID empty (no value entered)
Click Save button

Step 2 (optional: only application for those setup Bridge)
Interface -> Devices -> Bridge, select the bridge you have setup.
Tick Enable link-local address checkbox
Click Save button

Step 3:
Interface -> LAN -> IPv6 Configuration Type
Select Track Interface

Same page, Interface -> LAN -> Track IPv6 Interface -> Parent Interface
Select WAN.
Leave Assign prefix ID and Optional interface ID empty (no value entered)
Tick Allow manual adjustment of DHCPv6 and Router Advertisements checkbox
Click Save button

Step 4:
Services -> Router Advertisement -> LAN (because you ticked the checkbox in Step 3)
Set Router Advertisment: Assisted
Router Priority: Normal
Source Address: Automatic
DNS Options: up to you whether tick or untick both checkboxes
Click Save button and check the Router Advertisement service has started.

By finishing the above steps, you should have enabled IPv6 for your TM Unifi.
Some devices might not able to get IPv6 address, reboot your OPNSense device should do.

This post has been edited by Dothan: Sep 27 2025, 03:29 PM

Sorry for late reply.

Under the System -> Interfaces -> WAN:
The IPv4 Configuration Type in the Generic Configuration should be PPPoE.
The IPv6 Configuration Type in the Generic Configuration should be DHCPv6.

I guess you want to isolate guest devices from your usual network with different IP ranges right?

Supposedly the DHCPv6 is getting IPv6 ranges assigned by TM Unifi over PPPoE connection.

Let me research what I can help you.

Do you setup the firewall rules allowing passthrough of IPv6 traffic from your guest vlan?

Yes, since you mention certain site not reachable from guest vlan.

Try ping -4 and ping -6 on www.google.com from your guest vlan, see which one or both could reach out the respective IPv4 and IPv6 address.