OPNsense Forum
Archive => 18.7 Legacy Series => Topic started by: cguilford on October 25, 2018, 08:24:06 pm
-
I'm getting the following in my Firewall Logs...
lan Oct 25 14:18:44 [fe80::6c3a:297e:xxxx:xxxx]:51968 [2001:470:1:18::125]:80 TCP Default deny rule
My Lan rules are all Defaulted to normal for IPV6
IPv6 * LAN net * * * * Default allow LAN IPv6 to any rule
I'm confused as to why it is blocking IPV6 on the Lan?
I'm running 18.7.6 so freshly upgraded. I had IPV6 turned off on the Lan before because it would stop working after a few days and would have to always wind up rebooting everything to get it to clear up, I figured I would try it after the upgrade and I'm seeing this, I've rebooted the firewall as well as the box I'm trying to connect to.
-
State tracking drops this traffic because it has not seem the start of the TCP connection. That's where the default rule starts blocking. :)
Cheers,
Franco
-
How do I resolve this issue? Seem to be getting alot more of these?
lan Oct 26 07:35:38 [fe80::22df:b9ff:xxxx:xxx]:52910 [2001:4860:4860::6464]:53 UDP Default deny rule
-
If you see it as a firewall issue instead of a client issue with potential security implications -- the client copes with this anyway -- you can disable state tracking in your default IPv6 pass rules under advanced.
Cheers,
Franco