Hello,
I'm using OPNsense as an edge firewall in front of another pfSense VM. This is my second try at IPv6 and I'm missing something. So it's Internet -> OPNsense -> pfSense WAN -> LAN.
IPv6 generally looks fine except I'm unable to access OPNsense from the internet on its IPv6 WAN address. I'm trying to access the web interface on a custom port (6443) and SSH (22).
- I'm seeing the attempts as allowed in OPNsense's firewall log;
- can access the pfSense WAN behind it on its IPv6 WAN address;
- can access OPNsense's WAN IPv6 address from pfSense's LAN;
- ping in/out works from/to everywhere;
- tried WAN rule allow all IPv6 to all (ultimately I want to set a /56 subnet);
- OPNsense 20.1.7
The connections seem to time out. I've tried loads of things over the past several hours and I'm out of ideas.
10 posts below is another poster who disabled reply-to so I've tried this and it seems to solve my issue. I don't understand the implications though. Is this option necessary in this type of setup? https://forum.opnsense.org/index.php?topic=15900.0
Did you check the "Disable reply-to" section?
https://docs.opnsense.org/manual/firewall_settings.html?highlight=reply