Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
[SOLVED] Firewall blocking all IPv6 traffic to Internet
« previous
next »
Print
Pages: [
1
]
Author
Topic: [SOLVED] Firewall blocking all IPv6 traffic to Internet (Read 1610 times)
markbanks
Newbie
Posts: 2
Karma: 0
[SOLVED] Firewall blocking all IPv6 traffic to Internet
«
on:
June 28, 2023, 06:46:09 pm »
Hi all, the OPNsense firewall appears to be blocking all IPv6 internet traffic originating from the LAN.
I'm running 23.1 set up on a fresh install; haven't set up any new rules I don't believe (there's an allow all IPv6 rule); IPv6 is enabled in the firewall. Please see images below. Any help/ideas would be very much appreciated!
I can ping google.com over IPv6 from the OPNsense shell but ping and web browsing from LAN to the internet is blocked. I can ping the LAN gateway over IPv6 from a device on the LAN network, but I cannot ping the WAN gateway from a device on the LAN network.
Important note: IPv6 worked on OPNsense until I set up prefix delegation from my AT&T router using
this guide
. I am running five VLANs (haven't tested those, just can't use IPv6 on LAN for sure). Could the firewall be blocking traffic due to some anti-spoofing rule or something?
Firewall log excerpt:
Log event detail:
Firewall rules on LAN (no floating rules):
IPv6 allowed in firewall:
«
Last Edit: June 29, 2023, 12:59:58 am by markbanks
»
Logged
Cyberturtle
Jr. Member
Posts: 63
Karma: 5
Re: Firewall blocking all IPv6 traffic to Internet
«
Reply #1 on:
June 28, 2023, 10:15:15 pm »
Hi and welcome,
I need some more information. How is your connection established? Which ISP do you use and how is your connection specified (dual stack or ds lite, VLAN, PPPoE)?
If your router is able to connect by IPv6 you need to configure your LAN (for example track interface configuration, router advertisements etc.). IPv6 works a way more different than IPv4.
Cyberturtle
Logged
markbanks
Newbie
Posts: 2
Karma: 0
Re: [SOLVED] Firewall blocking all IPv6 traffic to Internet
«
Reply #2 on:
June 28, 2023, 11:55:49 pm »
This is solved. I was using the port assigned to VLANs to connect to the appliance directly from my laptop. This caused the laptop to get a ton of IPv6 addresses (one for each PD). When I assigned LAN to a different port (not the one used by VLANs), the problem resolved itself. Thanks for your help!
«
Last Edit: June 29, 2023, 12:59:46 am by markbanks
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
[SOLVED] Firewall blocking all IPv6 traffic to Internet