How to disable Archer's AX11000 IPv6 firewall?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

How to disable Archer's AX11000 IPv6 firewall?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
How to disable Archer's AX11000 IPv6 firewall?
How to disable Archer's AX11000 IPv6 firewall?
2022-11-18 14:13:14
Model: Archer AX11000  
Hardware Version: V2
Firmware Version: 2.1.2 Build 20220526 rel.59616(5553)

Hey everyone.

 

I need help with this router. I recently bought it to replace my Asus RT-AC88U and there's an Ubuntu Server inside my network which needs communication with the internet. My IPv4 is under an ISP CGNAT and there's no way of getting out of it, so I rely on my public IPv6.

 

I was setting up everything, opening all ports and such but the server still isn't being broadcasted. And I just realized that everything that's firewall related in this router relies on IPv4.

 

Asus RT-AC88U had a IPv6 firewall option that I set to disable, so everything works normal; but I can't find any option about an IPv6 firewall in AX11000 and I don't know if theres's any other way to disable it via SSH/Telnet or anything related.

 

So, how can I disable it? 

  0      
  0      
#1
Options
2 Reply
Re:How to disable Archer's AX11000 IPv6 firewall?
2022-11-20 10:45:26

  @Soulzito 

 

Check this reply concerning your question.

If this was helpful click once on the arrow pointing upward. If this solves your issue, click once the star to mark it as a "Recommended Solution".
  3  
  3  
#2
Options
Re:How to disable Archer's AX11000 IPv6 firewall?
2022-11-22 20:04:32 - last edited 2022-11-22 20:11:25

I also asked the support how to configure the IPv6 firewall and always the same answer. In my opinion there will never be IPv6 firewall config.

I don't understand why TP-Link doesn't implement these pretty small change in their firmware. All necessary tools are already available.

It's just a simple Web UI, validation and a script to store/load and apply ip6tables commands to open single ports for a one IPv6 address.

 

It looks like they affraid that IPv6 unexperienced users open security vulnerabilities in their network when opening to many ports. You have to keep in mind that there isn't any NAT on IPv6. So the device is directly accessed via Internet.

But that's a big marketing disadvantage because there are other router manifacturers who have these feature and IPv6 will be more and more important.

  0  
  0  
#3
Options