cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
195
Views
0
Helpful
1
Replies
Highlighted

RV340 IPv6 inbound access rules does not appear to work

Hi,

I have an RV340w configured to talk to a VDSL modem that is in bridge mode via PPPoE. Both the IPv4 and IPv6 connectivity uses the shared PPPoE credentials and receives an IPv4 address (29 bit subnet) and IPv6 addresses - an ND prefix (64 bits) and a PD prefix (48 bits)

 

Currently, I have one VLAN, VLAN1 which is has an IPv4 configuration with a 24 bit network width and DHCP server. The IPv6 settings derive from the PD prefix, with an additional 16 bits (set to 1) giving a 64 bit prefix. DHCP server is OFF - I'm using SLAAC. Because there is only one VLAN, the LAN ports are all untagged.

 

Router advertisement is enabled on VLAN1, unsolicited multicast, managed and other flags switched off. There is an autogenerated /64 prefix derived from the PD+VLAN1 settings. I have also defined a FDxx:xxxx:xxxx:1::/64 prefix

 

Hosts on the LAN site of the router are able to initiate IPv6 (TCP) connections to the outside world and are correctly identified by their PD+VLAN1+host address.

 

However, defining an IPv6 access rule permitting anything on the WAN side to connect to a particular port on a particular IPv6 address (PD+VLAN1+host) appears to have no effect. Externally-initiated connections do not get past the WAN. A blanket 'deny' with logging switched on shows nothing in the logs.

 

Note that IPv4 externally-initiated connections work with the appropriate access rules and in combination static NAT access rules without any problems.

 

What am I missing with regard to IPv6 inbound connectivity? Any pointers gratefully received.

 

Keith

1 REPLY 1
Highlighted
Cisco Employee

Hello Keith,

 

So far we do not have filed such a bug/behaviour or software issues with the IPv6 firewall rules on the RV34x platform. Since I can't reproduce your scenario and advice you on how to proceed further would recommend raising a tech support ticket with STAC so they could help you in the troubleshooting process and assist you solve the issue. Contact details are as follows: 

 

https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html 

 

Regards,

Martin