Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
Configure IPv6 - Ruleset for VLANS
« previous
next »
Print
Pages: [
1
]
Author
Topic: Configure IPv6 - Ruleset for VLANS (Read 330 times)
Mayo132
Jr. Member
Posts: 51
Karma: 1
Configure IPv6 - Ruleset for VLANS
«
on:
June 17, 2023, 07:39:12 pm »
Hey everybody,
I do not know if it is the right place. But i would like to ask for some help by setting up an IPv6 config. Everything seems working flawless but there a some strange things, wich I do not understand. So i hope, you can help me.
First: There is no fix IPv6 prefix delegated, so it could be possible that these could change.
My networksetup:
Main LAN:
- IP 192.168.
20
.0/24
- fd85:xx:feb8:98
20
::1/64
- 2003:xx:xx:
20
::/64
IOT Net
- IP 192.168.
60
.0/24
- fd85:xx:feb8:98
60
::1/64
- 2003:xx:xx:
60
::/64
Guest Net:
- IP 192.168.
50
.0/24
- fd85:xx:feb8:98
50
::1/64
- 2003:xx:xx:
50
::/64
If I get it right, so the internetacces is only possibel via the Global address "2003::".
>> This works fine > an IPV6 testsite shows me IPv4 and IPv6 compatibility
I set up an Pihole and provide this DNS via DHCPv6
> So every client gets an IPV4 DNS and IPV6 DNS Server (here - i provide the FD85:: adress, because these should be always the same)
And now to the part - i do not understand.
When i connect to the Guest or IOT net
> I only get the configured IPv6 adress. There is no "20" / "50" adress
But when i Connect to the Main LAN.
-> Every V6 Adress is provided "20" / "50" / "60"
I dont know why getting the other subnets at my main Lan . Maybe someone can explain it ? Or is there an configuration error?
Now one question to the Ruleset:
For Example the GUEST net.
> I added an allow rule for the DNS Server (fd85:XX:feb8:9820::2)
> I added an Block Rule for "LAN NET" and "IOT NET"
> I added an Block Rule for the Private IPv6 Ranges (fd85:XX:feb8:9820::/64 and fd85:XX:feb8:9860::/64)
Is this the right way, or can it blocked by another way ?
Thanks a lot for helping me
Mario
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
Configure IPv6 - Ruleset for VLANS