Description:This document describes how to set up IPv6 firewall rules in a LANCOM router in order to access a device on the LAN over the Internet (WAN) that has a static IPv6 address. Requirements:- Functional IPv6 Internet connection, as well as functional IPv6 in the LAN.
Scenario:- A Web server (HTTPS) on port 443 in the LAN with the fixed IPv6 address 2001:db8::1.
- Since there is no NAT for IPv6, devices receive a globally unique address, only the firewall access needs to be configured.
- The corresponding IPv6 firewall entry replaces the known port forwarding entry from IPv4.
Procedure:1. Open the configuration of the LANCOM router and change to the menu Firewall/QoS -> IPv6 Rules -> Station objects. 2. Create a new entry with Add. - Assign a descriptive name for the new station object.
- Select the type IP address.
- In the Address field, enter the static LAN IPv6 address of the web server (here 2001:db8::1).
3. Optionally, you can create another station object for your IPv6 Internet connection.4. Open the Firewall/QoS -> IPv6 Rules -> IPv6 forwarding rules dialog. 5. Create a new entry with Add. - Assign a descriptive name for the new forwarding rule.
- Select the action ACCEPT.
- As a service, you need to set HTTPS.
- For the source station, select the station object created in step 3 for your IPv6 Internet connection. If you did not create this optional object, you can alternatively select the ANYHOST setting.
- As the target station, select the station object created in step 2 for your local web server.
6. Write the configuration back to the LANCOM router. The configuration steps are completed. |
|