OPNsense Forum

Archive => 15.7 Legacy Series => Topic started by: bcjenkins on October 02, 2015, 06:57:22 pm

Title: IPv6 LAN NET
Post by: bcjenkins on October 02, 2015, 06:57:22 pm

How is a LAN NET defined for an IPv6 network when the network is DHCPv6?

I am seeing blocks in my firewall for traffic originating on the LAN side to do things like DNS lookups or HTTPS traffic.

Quote

The rule that triggered this action is:

@5 block drop in log inet6 all label "Default deny rule IPv6"

OPNsense 15.7.15-amd64   
FreeBSD 10.1-RELEASE-p19   
LibreSSL 2.2.3

Title: Re: IPv6 LAN NET
Post by: slackadelic on October 03, 2015, 07:03:33 am

I did not have to enable DHCPv6 as SLAAC kicked in and is issuing everything just fine.

Title: Re: IPv6 LAN NET
Post by: bcjenkins on October 05, 2015, 03:17:52 pm

I changed the firewall from LAN NET to any and it allowed traffic to flow. Does this create an exposure?

Title: Re: IPv6 LAN NET
Post by: franco on October 11, 2015, 01:51:05 pm

Brandon, do you have specific info about the traffic being blocked (src/dst IP and port), it might simply be missing from the (internal) rules template.