I am using a local Omada software controller (4.4.3) to manage my network, and recently installed the (beta 1.1.0) firmware for this router. Can confirm that IPv6 is working great! Am able to use SLAAC and get real IPv6 addresses for all internal LAN devices with the /64 prefix assigned by my ISP.
However, within the Omada interface I can find no way to add specific firewall rules for WAN to LAN. This seems like a basic feature that is missing... is it coming in the future? For a specific example, I need to prevent incoming connections to addresses assigned to my IPv6 devices. For IPv4 w/NAT and local addresses this is less of an issue, but with IPv6 SLAAC these are real public addresses and I have confirmed they are directly accessible from the Internet. Putting aside the fact that per-device firewalls should be used as well, it is a major security problem that I can find no way to block incoming connections at the gateway level. A lot of other devices will do this by default and are configurable, but I can not find a way to prevent it with Omada+TL-R605.
Is there any other way to prevent incoming IPv6 connections to LAN devices? What are the future plans for allowing customized firewall rules? This functionality is critical for a lot of use cases.