OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 15.7 Legacy Series »
  • IPv6 LAN NET
« previous next »
  • Print
Pages: [1]

Author Topic: IPv6 LAN NET  (Read 1444 times)

bcjenkins

  • Newbie
  • *
  • Posts: 24
  • Karma: 6
    • View Profile
IPv6 LAN NET
« on: October 02, 2015, 06:57:22 pm »
How is a LAN NET defined for an IPv6 network when the network is DHCPv6?

I am seeing blocks in my firewall for traffic originating on the LAN side to do things like DNS lookups or HTTPS traffic.

Quote
The rule that triggered this action is:

@5 block drop in log inet6 all label "Default deny rule IPv6"

OPNsense 15.7.15-amd64   
FreeBSD 10.1-RELEASE-p19   
LibreSSL 2.2.3
Logged

Dominian

  • Jr. Member
  • **
  • Posts: 67
  • Karma: 6
    • View Profile
Re: IPv6 LAN NET
« Reply #1 on: October 03, 2015, 07:03:33 am »
I did not have to enable DHCPv6 as SLAAC kicked in and is issuing everything just fine.
Logged

bcjenkins

  • Newbie
  • *
  • Posts: 24
  • Karma: 6
    • View Profile
Re: IPv6 LAN NET
« Reply #2 on: October 05, 2015, 03:17:52 pm »
I changed the firewall from LAN NET to any and it allowed traffic to flow. Does this create an exposure?
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 9081
  • Karma: 634
    • View Profile
Re: IPv6 LAN NET
« Reply #3 on: October 11, 2015, 01:51:05 pm »
Brandon, do you have specific info about the traffic being blocked (src/dst IP and port), it might simply be missing from the (internal) rules template.
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 15.7 Legacy Series »
  • IPv6 LAN NET
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2020 All rights reserved
  • SMF 2.0.15 | SMF © 2017, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2