1
Votes

IPv6 Firewall (exposed host)

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
 
1
Votes

IPv6 Firewall (exposed host)

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
IPv6 Firewall (exposed host)
IPv6 Firewall (exposed host)
2023-06-27 14:09:21
Tags: #IPv6
Model: Archer AXE300  
Hardware Version: V1
Firmware Version:

The IPv6 support seem to be done ad-hoc. The primary use case is IPv4 and most IPv6 features are don't work correctly.

 

Currently the IPv6 clients are hidden behind the router's firewall. The competitors offer quite sophisticated control for IPv6 clients:

* Exposed host,which let the whole host to be exposed to internet (all ports, all protocols);

* I can expost a single port for a single IPv6 address at a time. Instead it would be more practical to expose the set of ports at once using the following format: "22, 80, 445, 1080-1089".

* Allow ICMP and other traffic for selected IPv6 clients.

* Alow to pick between a single IPv6 address and all IPv6 addresses assigned to a particular client.

 

Allow to access router's management console using IPv6 address.

#1
Options
2 Reply
Re:IPv6 Firewall (exposed host)
2023-06-28 07:09:34

  @SergejKiller 

 

You could find the IPv6 Firewall settings on Advanced-IPv6 page, then add necessary firewall rules:

#2
Options
Re:IPv6 Firewall (exposed host)
2023-06-28 12:26:15 - last edited 2023-06-28 12:27:12

  @QRene, thank you for your response. Unfortunately the biggest issue with that approach is that only 1 port for 1 IP address can be whitelisted using this UI.

If you take a look at Port Forwarding and Port triggering feature for IPv4, you wil notice that it's possible to add a range of ports at once.

 

Also it doesn't address the filtering of ICMP traffic.

#3
Options