• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

IPv6 static route ignored based on firewall rule placement

Scheduled Pinned Locked Moved IPv6
1 Posts 1 Posters 140 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • T
    tech-rat
    last edited by Feb 4, 2025, 5:07 PM

    This has taken me many many hours to troubleshoot and the issue is that an IPv6 static route is not being honored when the ACL rule for that traffic is assigned to an interface. However is the ACL is put in the Floating section then the IPv6 static route is honored.

    I have attached the test mockup network diagram and the pfSense relevant configuration. The proof is in the tcpdump. When the radius packet allow rule is in the Floating section the reply packet has a return MAC address of the Linux router which is correct based on the static route. How ever if I move the rule to the WAN interface the radius reply packet has a return MAC address of the default gateway so the server never gets the return packet.

    This seems like a bug. Please help.
    Thanks
    Todd

    f1df197e-572a-4b96-b464-d17a53be3ef4-image.png

    36e05994-6b01-480e-bca6-6d83169cd61d-image.png

    1 Reply Last reply Reply Quote 0
    1 out of 1
    • First post
      1/1
      Last post
    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
      This community forum collects and processes your personal information.
      consent.not_received