cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
610
Views
0
Helpful
1
Replies

RV340 6in4 tunnel exposes device management UI

jbnes
Level 1
Level 1

I'm using an RV340 router and 6in4 tunnel to Hurricane Electric TunnelBroker to provide ipv6 connectivity to the internet. The tunnel is up and running fine, but doing an ipv6 portscan from the internet against my tunnel's local IPv6 IP or against the router's IPv6 IP on my internal VLAN, various IPs show open on the router (TCP 22, 53, 80, 443, 2601, 2602) and the HTTPS device management UI is accessible from outside on both of these IPs. I do not have remote management turned on, and device management is only enabled on my internal VLAN. I've tried various firewall access rules to block access from the tunnel to those IPs but the rules seem to be ignored. Is there any way to block traffic through the 6in4 tunnel?

1 Reply 1

ShoShoZZ
Level 1
Level 1

Ah yes, that's quite the glaring issue. I was able to replicate this on my end - same problem with ports being exposed. Firewall rules have no effect, even when using the TUN1 interface. So, I disabled my 6in4 for now.