@stephK I want to take the same step and enable IPv6 on my ER7212PC - did you end up making any additional configuration before turning on IPv6 in your Omada router? 

Before I saw this question I assumed that the router would have a default-deny firewall in place for IPv6 traffic, but I've understood your question to mean that is not the case. And, if that's not the case is anyone here able to clarify for me if it is safe and sensible for me to click "Enable" box for IPv6? 

My ISP provides a static /56 network prefix for IPv6 but has me stuck behind CG-NAT for IPv4 - I want to learn to get comfortable with IPv6 by using it - are there any good small LAN examples to follow anywhere? (Ideally based on setting up Omada kit with IPv6). From a little reading of recent release notes it seems that IPv6 is better supported now than it has been in the past. (I'm currently on the 1.1.2 firmware for the router, which includes Omada Controller version 5.8.38)

  @RockPaper Hi, i didnt find any solution or documentation to block port on ipv6 (profile, policies, etc) on the router.
i found out the easiest solution is to buy a cheap fanless pfsense small computer with 2.5g Lan outputs, and plug it ahead...

  @stephK thx - I guess that's an easy way forward. Or I could just sit and wait.

I can see that there is still currently no way to use IPv6 IP groups in the firewall ACL rules page. I've seen other posts here stating that for IPv4 there is an invisible default deny rule, and if the same was the case for IPv6 then it would at least be safe for me to enable IPv6 even if I couldn't host anything behind the router.

Did you prove to yourself that the IPv6 routing is default allow?