ER706W - IPV6 ACL?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

ER706W - IPV6 ACL?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
ER706W - IPV6 ACL?
ER706W - IPV6 ACL?
2024-01-22 22:32:25 - last edited 2024-01-22 22:34:33
Model: ER706W  
Hardware Version: V1
Firmware Version: 1.0.3

I installed this router some time ago as a replacement for my old provider router in order to be able to use VLAN's, network segmeting, etc.
I am using both IPv4 and IPv6 on my network and I have noticed that in the Gateway ACL on the Omada controller I cannot setup rules for IPv6??

 

The reason why is that I noticed after an external portscan that many if my v6 network-clients, including an internal file server (also with IPv6) with all the functionality (for cloud access, etc)... ports are all OPEN and EXPOSED to the internet! For all the PC's as well (for example, my Windows pc's as well). Ok I can close them at client-level, but it cripples functionality and it's not supposed to be open to the world wide web like this... indecision

 

I tried to create some new manual IPV6 ACL groups, but these don't appear on the Gateway ACL (router) rules I try to create. I can only set them on the Switch ACL (but this is pointless...). Now I am wondering: how can I close my inbound IPV6 traffic into the gateway (ER706W router) and leave v6 ports granulary open when it can't even be configured (not visible?)

 

Is ACL for IPv6 data even supported on that specific model I bought?

This would be a real shame...

  0      
  0      
#1
Options
3 Reply
Re:ER706W - IPV6 ACL?
2024-01-23 03:03:14

Hi @Nicolas_R 

Thanks for posting in our business forum.

You may return the product at this moment because our models do not fully support IPv6 GW ACL. This is a downside for the product now and we do have plans to implement more and more IPv6 related features. Yet there is no guaranteed timeframe or certain ETA for them.

 

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#2
Options
Re:ER706W - IPV6 ACL?
2024-01-23 08:10:07

@Clive_A Ok thank you for noticing.

 

Do you know which of these routers from the Omada series does fully support IPv6? Or do all models suffer with the same related issue?
https://www.tp-link.com/nl-be/business-networking/omada-router-wired-router/

  0  
  0  
#3
Options
Re:ER706W - IPV6 ACL?
2024-01-24 02:05:38

Hi @Nicolas_R 

Thanks for posting in our business forum.

Nicolas_R wrote

@Clive_A Ok thank you for noticing.

 

Do you know which of these routers from the Omada series does fully support IPv6? Or do all models suffer with the same related issue?
https://www.tp-link.com/nl-be/business-networking/omada-router-wired-router/

Unless there is at least one firmware update supporting that. Or it does not show up on other models.

The features basically stay consistent. Yet, there is not a single model getting that feature. So, it would be somewhere in the future. If one model gets that first, the rest will gradually updated with that if the model can support that.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#4
Options