external access web interface OPNsense over IPv6 on PPPOE

[MediO]

Hi all,

I looking for some suggestions on how to access my OPNsense firewall externally over IPv6. I have xs4all as ISP and IPv6 is working over an PPPOE connection. After testing with the option "Request only an IPv6 prefix" i do not get an unicast IPv6 address on my WAN interface.

In the /system/settings/administration - Listen Interfaces i can add the WAN interface but without an Ipv6 address this logically wont work.

The description states "Only accept connections from the selected interfaces."  After testing with a firewall rule on the WAN interface and accessing the IPv6 unicast address of the LAN interface i do see 443 traffic allowed but not a working interface(website). It does not appear to be an implicit firewall rule as my rule is hit and allowed, thus it's probably on the application level.

How can i make external access over IPv6 to the web gui of the firewall possible? Possibly bugfix or some other way to make clear what's happening eg entry in logfile or in description?

[bartjsmit]

I run an OpenVPN tunnel that routes IPv6 to all internal hosts, including the OPNsense web GUI.

Bart...

[Maurice]

If you really can't get a WAN GUA using either SLAAC or DHCPv6, you can manually add one by using a Virtual IP (IP Alias). It would then be advisable to use the first /64 of the delegated prefix for that. So if your prefix is 2001:db8:1234::/48, you could use 2001:db8:1234::1/128 as the WAN GUA. Of course this only works if your prefix is more or less static.

Cheers

Maurice