Native IPv6 DMZ issue



  • Hello all,

    I'm pretty new to pfSense and I just started to play around with IPv6. I got native IPv6 working with out a hitch from Comcast. I set the WAN to DHCPv6 and then 'Track Interface' on my LAN.

    My question/issue is that I host a few websites and would love to have them on IPv6. I have two questions. First question is can you have multiple interfaces with the 'Track Interface' setting? When I set that on my DMZ I don't get a IP on the NIC.

    2nd question is if I can't get native IPv6 to pass to the DMZ what would be a good private IP setup for the DMZ? I've tried to assign the DMZ NIC fd1c:982e:350d:60c5::1/126 and the web server NIC fd1c:982e:350d:60c5::2/126 I added the following rule

    IPv6 TCP * 80 (HTTP) fd1c:982e:350d:60c5::2 80 (HTTP) * none

    But I wan't able to get it to pass the traffic.

    I did set IPv6 traffic to be allowed out of the DMZ.

    All in all, I guess I'm wondering what would be the best practice for getting IPv6 into a DMZ? Thank you for your help!


Locked