Hello,
I have Created a firewall network alias for my ipv6 prefix and created a rule on the WAN interface, passed ipv6 icmp echo request, source any, dest the Alias of my prefix, and its working fine but whenever my prefix change I have to update the alias manually.
How to set the alias to be adjusted to the new prefix automatically?
https://www.reddit.com/r/OPNsenseFirewall/comments/hnu8b5/allowing_icmpv6/
Thanks for "IsaacFL" on Reddit helped me solve this:
"First, go to Settings, Interfaces and make sure that "IPv6 DHCP" has "Prevent release" checked.
It shouldn't get a new prefix each reboot.
Secondly:
Go to Firewall, Groups, and create an Interface Group with all of your local Interfaces included. I called mine, "IG_LOCAL"
Now on your WAN Interface create the same ICMPv6 rule as above, but now your destination is "IG_Local net"
Basically, the Group acts as an Alias for all of the local Prefixes this way."
Or you can use a firewall alias of type "Dynamic IPv6 host" as destination.
Quote from: meyergru on May 21, 2022, 02:00:30 AM
Or you can use a firewall alias of type "Dynamic IPv6 host" as destination.
yes, this also works, but if you have multi-local interfaces the groups are easier to manage.
** if someone wondering what to fill the content within the "Dynamic IPv6 host" alias, just keep it empty and interface select your lan.