IPv6 Firewall rules.

 
2025-01-05 21:46:46
Tags: #IPv6 #IPv6 Firewall Rules
Model: Archer AX23  
Hardware Version: V1
Firmware Version: 1.1.0 Build 20230725 Rel. 56344(4555)

Hardware version: 1.20

 

Good evening, it is with great surprise that I write this post, as IPv6 is becoming more and more common, and even necessary due to ISPs resorting to CGNAT to deal with the scarcity of IPv4s, and if one has to use IPv6 to be able to use some services, it is pretty much impossible because all IPv6 connections are being blocked with no possibility of configuring rules.

 

The title says it all, implementation of IPv6 Firewall Rules, I saw that some TP-Link routers already have it implemented, but I'd like to see its implementation not only on the AX23, but across many more devices.

#1
RE:IPv6 Firewall rules.
Monday
On the routers which do support IPv6 firewall rules today, the implementation is not ideal. This is because most ISPs cycle IPv6 delegated subnets regularly, which makes the rules invalid. Some ways to get around this:

1. Allow disabling the IPv6 firewall completely
2. Let us open specific ports towards all LAN hosts
3. Allow wildcard masks so that one can match only the last part of the IPv6 (which is derived from the MAC address and is constant) so that even when the address is cycled, the rule matches the same device
4. Allow matching rules with destination MAC

#2
Re:IPv6 Firewall rules.
Monday

  @OSGFar 

On the routers which do support IPv6 firewall rules today, the implementation is not ideal. This is because most ISPs cycle IPv6 delegated subnets regularly, which makes the rules invalid. Some ways to get around this:

1. Allow disabling the IPv6 firewall completely
2. Let us open specific ports towards all LAN hosts
3. Allow wildcard masks so that one can match only the last part of the IPv6 (which is derived from the MAC address and is constant) so that even when the address is cycled, the rule matches the same device
4. Allow matching rules with destination MAC

#3
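
The wildcard-mask matching proposed in item 3 above, sketched as an added example that is not part of the thread and not TP-Link firmware code: it compares a rule pinned to a full address with one that matches only the low 64 bits, before and after a delegated-prefix change. The MAC, the `2001:db8::` documentation prefixes, the temporary address and all function names are constructed for illustration, and the suffix rule assumes the host builds its address from its MAC (modified EUI-64).

```python
import ipaddress

# Mask selecting the low 64 bits (the interface identifier) of an address.
SUFFIX_MASK = int(ipaddress.IPv6Address("::ffff:ffff:ffff:ffff"))

def eui64_iid(mac: str) -> int:
    """Modified EUI-64 interface identifier for a 48-bit MAC (RFC 4291, App. A)."""
    octets = bytes(int(part, 16) for part in mac.split(":"))
    if len(octets) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    first = octets[0] ^ 0x02  # invert the universal/local bit
    return int.from_bytes(bytes([first]) + octets[1:3] + b"\xff\xfe" + octets[3:], "big")

def allow_exact(dst: str, dport: int, rule_addr: str, rule_port: int) -> bool:
    """Rule pinned to a full address: stops matching when the prefix rotates."""
    return dport == rule_port and ipaddress.IPv6Address(dst) == ipaddress.IPv6Address(rule_addr)

def allow_suffix(dst: str, dport: int, rule_iid: int, rule_port: int,
                 mask: int = SUFFIX_MASK) -> bool:
    """Rule comparing only the masked bits, so the delegated prefix is ignored."""
    return dport == rule_port and int(ipaddress.IPv6Address(dst)) & mask == rule_iid & mask

# Constructed sample data: one LAN host seen under two delegated prefixes.
MAC = "00:11:22:33:44:55"
OLD = "2001:db8:aaaa:1:211:22ff:fe33:4455"    # before the ISP rotates the prefix
NEW = "2001:db8:bbbb:7:211:22ff:fe33:4455"    # after the rotation
TEMP = "2001:db8:bbbb:7:5c1e:9a07:33d2:81f4"  # same host, randomized temporary address

def demo() -> dict:
    iid = eui64_iid(MAC)
    return {
        "exact_before_rotation": allow_exact(OLD, 443, OLD, 443),
        "exact_after_rotation": allow_exact(NEW, 443, OLD, 443),
        "suffix_before_rotation": allow_suffix(OLD, 443, iid, 443),
        "suffix_after_rotation": allow_suffix(NEW, 443, iid, 443),
        # A suffix that is not MAC-derived never matches the suffix rule.
        "suffix_temporary_addr": allow_suffix(TEMP, 443, iid, 443),
        "suffix_other_port": allow_suffix(NEW, 22, iid, 443),
    }

if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name:24} {'ALLOW' if allowed else 'DROP'}")
```
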