This document describes how to set up IPv6 firewall rules in a LANCOM router in order to access a device on the LAN over the Internet (WAN) that has a static IPv6 address.
Functional IPv6 Internet connection, as well as functional IPv6 in the LAN.
Scenario:
A Web server (HTTPS) on port 443 in the LAN with the fixed IPv6 address 2001:db8::1.
Since there is no NAT for IPv6, devices receive a globally unique address, only the firewall access needs to be configured.
The corresponding IPv6 firewall entry replaces the known port forwarding entry from IPv4.
Image Removed
Image Added
Procedure:
1. Open the configuration of the LANCOM router and change to the menu Firewall/QoS -> IPv6 Rules -> Station objects.
2. Create a new entry with Add.
Assign a descriptive name for the new station object.
Select the type IP address.
In the Address field, enter the static LAN IPv6 address of the web server (here 2001:db8::1).
Image Removed
Image Added
3. Optionally, you can create another station object for your IPv6 Internet connection.
Image Removed
Image Added
4. Open the Firewall/QoS -> IPv6 Rules -> IPv6 forwarding rules dialog.
5. Create a new entry with Add.
Assign a descriptive name for the new forwarding rule.
Select the action ACCEPT.
As a service, you need to set HTTPS.
For the source station, select the station object created in step 3 for your IPv6 Internet connection. If you did not create this optional object, you can alternatively select the ANYHOST setting.
As the target station, select the station object created in step 2 for your local web server.
Image Removed
Image Added
6. Write the configuration back to the LANCOM router. The configuration steps are completed.