pfSense bugtracker: Issueshttps://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162015-10-05T18:08:21ZpfSense bugtracker
Redmine pfSense - Bug #5258 (Resolved): Using pppoe WAN with ipv6 SLAAC, reply-to rules use the wrong int...https://redmine.pfsense.org/issues/52582015-10-05T18:08:21ZJames Tandyadmin@tandyukservers.co.uk
<p>When enabling reply-to rules on WAN,<br />Where the WAN is PPPOE, configured by SLAAC,<br />When you add a rule, the reply-to address used is that of the physical interface, and not pppoeX.<br />This only applies to ipv6 rules.</p>
<p>With reply-to disabled:<br />pass in quick on pppoe1 inet proto icmp from any to 87.252.44.195 keep state label "USER_RULE: allow inbound ping" <br />pass in quick on pppoe1 inet6 proto ipv6-icmp all keep state label "USER_RULE: allow inbound icmpv6"</p>
<p>With reply-to enabled:<br />pass in quick on pppoe1 reply-to (pppoe1 212.42.162.226) inet proto icmp from any to 87.252.44.195 keep state label "USER_RULE: allow inbound ping" <br />pass in quick on pppoe1 reply-to (sge0 fe80::f2f7:55ff:fe0c:5700) inet6 proto ipv6-icmp all keep state label "USER_RULE: allow inbound icmpv6"</p>
<p>sge0 is the physical WAN interface.<br />The gateway IP is correct.</p>