RV340: enabling IPv6 always exposes admin interface to WAN

iainf · ‎05-25-2022

Enabling ipv6 on RV340 appears to always expose the web administration interface on the WAN interfaces -- even when the "Remote Web Management " radio button is unchecked, and it is inaccessible for ipv4 connections.

No firewall rules seem to have any effect on this behaviour, either.

Is there any way to prevent this obnoxious behaviour?

Flavio Miranda · ‎05-25-2022

Hi

That´s why IPv6 did not take over yet.

In order to control IPv6 on firewall, you must have a firewall that understand IPv6 and create rule for IPv6.

iainf · ‎05-25-2022

The firewall is not the problem, nor is IPv6.

The RV340 firewall understands IPv6 - and it works well.

But the connection to the administration GUI clearly takes place BEFORE the firewall rules are run.
So creating a rule for this, as I have done, is ineffective - as my post above says.

Flavio Miranda · ‎05-25-2022

I was referring to a firewall outside this router. Usually, the firewall on the devices is meant to block user traffic and not traffic destinated to the device itself. Should be an option like ""Remote Web Management "" but for IPv6 as well. This is the kind of rule that´s block traffic to router.

iainf · ‎05-25-2022

The RV340 is a small business gateway router, usually managing one or two PPPoE connections to VDSL modem, or fibre ONT - suggesting a further firewall in front it it is not a helpful, useful, or practical solution.

As for "should be an option like ""Remote Web Management "" -- yes there is, and it doesn't work for ipv6. As the first post above actually says "even when the "Remote Web Management " radio button is unchecked, and it is inaccessible for ipv4 connections."