Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    allow external traffic over ipv6

    Firewalling
    3
    12
    110
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jon9314 last edited by

      hi,
      I am having trouble accessing my web server from outside my LAN. I had it set up and everything was working great but I had a power failure and my pfsence install was corrupted(had to reinstall)
      now I can't find out how to allow incoming ipv6 communication through.
      any and all help would be greatly appreciated.
      i should have kept a recent backup of my config(I'm kicking myself now)

      1 Reply Last reply Reply Quote 0
      • chpalmer
        chpalmer last edited by

        What does your WAN rule set look like? Screenshots?

        Triggering snowflakes one by one..

        1 Reply Last reply Reply Quote 0
        • J
          jon9314 last edited by

          F479AD02-9FA3-4BE9-B2DF-6A88D7A6462A.png

          1 Reply Last reply Reply Quote 0
          • J
            jon9314 last edited by

            that last entry was what i thought i had before but it hasn’t helped.

            chpalmer 1 Reply Last reply Reply Quote 0
            • chpalmer
              chpalmer @jon9314 last edited by

              @jon9314

              Duplicate your IPv4 rule.

              Except make it IPv6 and make the source address the address of the machine your trying to reach. Source should probably be any unless your trying to block everything else but what is in your actual WAN net.

              I assume you have a public IP address on your WAN?

              Triggering snowflakes one by one..

              1 Reply Last reply Reply Quote 0
              • Derelict
                Derelict LAYER 8 Netgate last edited by Derelict

                Source WAN Net is not the internet.

                Source any is the internet.

                But you almost certainly do not want to allow source any to access all of destination LAN net.

                You most likely want source any source port any destination IP Address of Web Server destination port Web Port(s)

                Chattanooga, Tennessee, USA
                The pfSense Book is free of charge!
                DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
                Do Not Chat For Help! NO_WAN_EGRESS(TM)

                1 Reply Last reply Reply Quote 0
                • J
                  jon9314 last edited by

                  Thanks for all the replies! As soon as I get home I'll make the suggested changes

                  1 Reply Last reply Reply Quote 0
                  • J
                    jon9314 last edited by

                    unfortunately i still cannot access my server from outside my network on ipv6. i’m sure i’m overlooking something obvious.

                    1 Reply Last reply Reply Quote 0
                    • Derelict
                      Derelict LAYER 8 Netgate last edited by

                      Well, saying "it doesn't work" doesn't help us help you at all.

                      Chattanooga, Tennessee, USA
                      The pfSense Book is free of charge!
                      DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
                      Do Not Chat For Help! NO_WAN_EGRESS(TM)

                      1 Reply Last reply Reply Quote 0
                      • J
                        jon9314 last edited by

                        yes, i do understand that☺️. i was looking through the system lags after i posted and there are a lot of things blocked and the rule that triggered them is a “default deny rule ipv6”. the thing is i can’t find that rule anywhere to disable it.

                        1 Reply Last reply Reply Quote 0
                        • Derelict
                          Derelict LAYER 8 Netgate last edited by

                          You don't disable it.

                          You look at the blocks and see if it is traffic you want passed and pass it instead.

                          Chattanooga, Tennessee, USA
                          The pfSense Book is free of charge!
                          DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
                          Do Not Chat For Help! NO_WAN_EGRESS(TM)

                          1 Reply Last reply Reply Quote 0
                          • J
                            jon9314 last edited by

                            thanks again for your patience with me... just an update. yesterday after trying everything that had ben suggested i decided that maybe if i rebooted the firewall it would start working properly. unfortunately when i clicked on reboot it never came back up. i had to once again reinstall it. but on the bright side i entered the rule as i was told to and all is working again

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post