ipv6: WAN address not accessible

blusens · May 27, 2020, 07:04:21 PM

Hello,

I'm using OPNsense as an edge firewall in front of another pfsense VM. This is my second try at ipv6 and I'm missing something. So it's Internet -> OPNsense -> pfsense WAN-> LAN.

ipv6 generally looks fine except I'm unable to access OPNsense from the internet on its IPv6 WAN address. I'm trying to access the web interface on a custom port (6443) and SSH (22).

I'm seeing the attempts as allowed in OPNsense's firewall log;
can access the pfsense WAN behind it on it's IPv6 WAN address;
can access OPNsense's WAN IPv6 address from pfsense's LAN;
ping in/out works from/to everywhere;
tried WAN rule allow all ipv6 to all (ultimately I want to set a /56 subnet)
OPNsense 20.1.7

The connections seem to timeout. I've tried loads of things past several hours and I'm out of ideas.

blusens · May 27, 2020, 07:15:20 PM

10 posts below is another poster who disabled reply-to so I've tried this and it seems to solve my issue. I don't understand the implications though. Is this option necessary in this type of setup? https://forum.opnsense.org/index.php?topic=15900.0

mimugmail · May 28, 2020, 07:20:43 AM

Did you check "Disable reply-to" section?

https://docs.opnsense.org/manual/firewall_settings.html?highlight=reply

ipv6: WAN address not accessible

blusens

May 27, 2020, 07:04:21 PM Last Edit: May 27, 2020, 07:06:41 PM by blusens

blusens

May 27, 2020, 07:15:20 PM #1

mimugmail

May 28, 2020, 07:20:43 AM #2