Confusion with IPV6 and SSH access rules (not to FW)

linuxha · March 14, 2022, 04:41:37 PM

I'm a bit confused as to how to proceed. IPv6 is going to require that I start thinking differently. I have an SSH server on my LAN (with IPv6) and I'd like to be able to access it from the Internet. I know not to think of this in NAT terms but how do I open up the firewall to access that server? The IPv6 address isn't really static and I don't want to open up the entire network to SSH. I could assign and different port on the server for SSH. Can anyone point me in the correct direction?

franco · March 15, 2022, 08:00:49 AM

You can use a dynamic IPv6 host alias and add a WAN rule with it to allow SSH access to the LAN address.

https://docs.opnsense.org/manual/aliases.html#dynamic-ipv6-host

Cheers,
Franco

Confusion with IPV6 and SSH access rules (not to FW)

linuxha

March 14, 2022, 04:41:37 PM

franco

March 15, 2022, 08:00:49 AM #1