To rule out any missing firewall rules, on Status: System logs: Settings, check "Log packets matched from the default block rules put in the ruleset" and see if it starts logging your pings from the LAN.
-- Steve Yates ITS, Inc. -----Original Message----- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Olivier Mascia Sent: Wednesday, April 20, 2016 11:39 AM To: pfSense Support and Discussion Mailing List <list@lists.pfsense.org> Subject: [pfSense] IPV6 WAN/LAN routing Dear all, I must be tired or something but I have a strange thing with IPv6 on a new box I just setup. Have a x:y:z:d800::/56 routed to me. WAN is static IPv6 on x:y:z:d800::1/64, gateway is x:y:z:d800::ffff:ffff:ffff:ffff (not a nice one but that is what they gave me). LAN is static IPv6 on x:y:z:d801::1/64, no gateway as usual for LAN interface. >From a host on the LAN side, at x:y:z:d801::100 (or any other), I can reach pf >LAN interface on x:y:z:d801::1, I can also reach pf WAN interface on >x:y:z:d800::1, but I can't get a packet to go further. Yet, from pf itself, I can reach (ping for instance) www.google.com (IPv6) from WAN interface, but not from LAN interface. I would have thought "ok I miss a pass rule on the LAN interface", but there is one. This by far is not my first pfSense box, and they all have various kind of IPv6 links. Not that I couldn't be awfully wrong somewhere. So what obvious detail am I overlooking here? If you have any idea? This is 2.3-RELEASE by the way. Other boxes (on other networks) are still 2.2.x. -- Meilleures salutations, Met vriendelijke groeten, Best Regards, Olivier Mascia, integral.be/om _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
