Host Specific IPV6 Rules
I have IPV6 set up and working, my ISP is Comcast and I'm using DHCP6 to get the WAN address and Track Interface WAN on the LAN interface.
How do I create rules to allow traffic on some ports to reach LAN hosts? I haven't found any way to make the IPV6 address assigned be deterministic.
I haven't found any way to make the IPV6 address assigned be deterministic.
There is a way using DHCPv6 if you already know your PD addresses but may cause issues down the road if your ISP changes your PD range.
I haven't try in a while but add rules to your LAN interface, nothing is needed is on your WAN interface if i remember correctly.
try something like this:
src - any
dst - ipv6 of your host
dst port - 80
I know I can do this, but I'm looking for something that works properly even if a different prefix is assigned by the ISP.
There isn't anyway to configure it via the gui the I know of.
Can you just put them on different LANs or VLANs? Comcast will give you up to 16 /64 prefixes, so you could just put the "open" hosts in one (basically, a DMZ) and the locked down ones in another.