Future Consideration Feature Request | Variable support in ACLs for IPv6 prefix
Future Consideration Feature Request | Variable support in ACLs for IPv6 prefix
I've deployed successfully IPv6 on my network, although my ISP sometimes changes the IPv6 scope, which impacts the ACLs so some systems are not accessible from the Internet over IPv6.
So for example I currently have a group profile with the systems that are allowed to have inbound SSH traffic (TCP/22), but this is hard coded:
2001:c0ff:ee:5838::1:241 / 128
So as you can see the prefix is 2001:c0ff:ee:5838::, would be nice to have a 'variable' to use in groups that will auto-populate the prefix, so when it changes it still works.
So I was thinking about (for example) to use [IPv6_PREFIX], so it looks like:
[IPv6_PREFIX]1:241 / 128
To update the DNS Records with Cloudflare, I wrote a small script that does an update of the AAAA record using the API of them.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
@paderijk I had a bit of time on my hands to get a Python Skript to work the way I need it to. I did it in Jupyter Notebook and attached the pdf of it. Maybe you could use that, too. At least as long as TP-Link hasnt made their system usable for non-enterprise usage
- Copy Link
- Report Inappropriate Content
Hi @paderijk
Thanks for posting in our business forum.
paderijk wrote
@Clive_A Curious if there are any updates from the TP-Link side?
I was considering to utilize the OpenAPI, although got with the last update an alert that it will be deprecated on (at least) the OC200.
I got a new piece of information.
Dev and PM, later on, discussed that after work, the schedule is full for V5.15.X. Dev and PM think this would not be released until V5.16.X and its iterations.
It might not come around that soon.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Information
Helpful: 4
Views: 630
Replies: 13