Netgate Discussion Forum

    Automatically generated rules causing issues

      MikeAce

      I'm trying to use a pfSense firewall as a perimeter firewall where I have both public IPv4 addresses and public IPv6 prefix delegation going into the device. IPv4 is coming into a bridged WAN/Internal interface, while IPv6 is coming in on a completely separate WAN interface that is not bridged but instead is performing prefix delegation to 2 other separate interfaces. The issue I have is that the automatically generated IPv6 firewall rules are forcing the ICMPv6 router solicitation, advertisement, etc. to be allowed on all interfaces. This causes an issue because the default IPv6 prefix is leaking through the IPv4 bridge.

        JKnott @MikeAce

        @MikeAce

        What happens if you make the bridge interface IPv4 only?

        PfSense running on Qotom mini PC
        i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel 1 Gb Ethernet ports.
        UniFi AC-Lite access point

        I haven't lost my mind. It's around here...somewhere...

          MikeAce

          The bridged interfaces are IPv4 only. The issue is that the automatically generated rules are floating rules, so they apply globally.

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.