Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPv6 static route ignored based on firewall rule placement

    IPv6
    1
    1
    48
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tech-rat
      last edited by

      This has taken me many many hours to troubleshoot and the issue is that an IPv6 static route is not being honored when the ACL rule for that traffic is assigned to an interface. However is the ACL is put in the Floating section then the IPv6 static route is honored.

      I have attached the test mockup network diagram and the pfSense relevant configuration. The proof is in the tcpdump. When the radius packet allow rule is in the Floating section the reply packet has a return MAC address of the Linux router which is correct based on the static route. How ever if I move the rule to the WAN interface the radius reply packet has a return MAC address of the default gateway so the server never gets the return packet.

      This seems like a bug. Please help.
      Thanks
      Todd

      f1df197e-572a-4b96-b464-d17a53be3ef4-image.png

      36e05994-6b01-480e-bca6-6d83169cd61d-image.png

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.