Skip navigation
This discussion is archived

Airport Extreme problem with IPv6 firewall settings.

3162 Views 4 Replies Latest reply: Mar 4, 2009 12:29 PM by yozhbk RSS
chpalm Calculating status...
Currently Being Moderated
Nov 22, 2008 1:23 AM
I have tried to do Port Mapping for IPv6 services with out success. With following simple configuration: Two Airport Extreme 802.11n connected to the Internet with one web server each on local network.

IPv6 configuration
IPv6 Mode: Tunnel
Block incoming IPv6 connections
Configure IPv6: Automatic

IPv6 firewall, configuration
Exception
IPv6 Address (6to4 address given by AP)
TCP port 80

Tests made:
We have tried to surf on web server with open firewall everything works well.
We have tried to surf on web server with firewall in block mode with exception as described. Airport blocks and sends "Administratively prohibited" to the client.
We have made traceroute6 over the Internet it is stopped by the Airport as expected.

The manual don't give any advise and Im really not sure on who it is expected to work but as I have interpreted the manual and help text given is Firewall exceptions possible in IPv6 mode.

The adviser needs advise.
MacbookPro, Mac OS X (10.5.5), Any where any time for no reason at all!
  • Gaijin Kuma Level 1 Level 1 (0 points)
    Currently Being Moderated
    Jan 17, 2009 11:48 AM (in response to chpalm)
    <Removed - wasn't applicable>

    Message was edited by: Gaijin Kuma
    Mac OS X (10.5.6)
  • J. Everett Calculating status...
    Currently Being Moderated
    Jan 21, 2009 8:12 AM (in response to chpalm)
    adviser wrote:
    I have tried to do Port Mapping for IPv6 services with out success.

    It's not port mapping, just port "opening".

    IPv6 firewall, configuration
    Exception
    IPv6 Address (6to4 address given by AP)
    TCP port 80

    I trust by "6to4 address given by AP" you mean the 2002:: address of the internal *web server*, not the 2002:: address of the AP -- because, as above, you're not mapping a port on the AP to one on the web server. You are simply opening your internal address/port to the outside world.

    The beauty of IPv6 is everyone can have a valid address so no mapping is required. (Although, the 2002:: 6to4 addresses have some connectivity limitations that don't exist with native IPv6 and tunnels.)

    Tests made:
    We have tried to surf on web server with open firewall everything works well.
    We have tried to surf on web server with firewall in block mode with exception as described. Airport blocks and sends "Administratively prohibited" to the client.
    We have made traceroute6 over the Internet it is stopped by the Airport as expected.

    If you change the firewall to:
    Exception
    IPv6 Address (6to4 address given by AP)
    All services and ports
    can you ping6 and traceroute6 the webserver IPv6 address?
    MacBook Pro, Mac OS X (10.5.6)
  • _Choppa_ Calculating status...
    I also can't get the exceptions part of the firewall working. Nothing I put in there makes a difference.

    The only way I can get inbound IPv6 connctions to my network is if I uncheck the "Block incoming IPv6 connections".
    iMac, Mac OS X (10.5.6)
  • yozhbk Level 1 Level 1 (0 points)
    I got the same issue.

    Why is this happening. I put in the firewall exeption and it blocks it.
    MacBook Late 2008, Mac OS X (10.5.6), iphone 3g White

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.