DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

2862 - 3.8.9.1_BT firmware upgrade breaks IPv6 +others?

  • tighterthan
  • Topic Author
  • Junior Member
27 Jun 2018 11:18 #1 by tighterthan
Anyone having issues with IPv6 following upgrade to 3.8.9.1_BT firmware?

Downgrade back to 3.8.8_BT fixes issue.


Rgds


  • tighterthan
  • Topic Author
  • Junior Member
27 Jun 2018 13:02 #2 by tighterthan
Issue relates to firewall rules. Disabling all rules fixes issues, but makes the server light up like a Christmas tree on a port scan.

Disabling country-based rules (configured for v2862_389RC2_bt trial) fixes the majority of IPv6 issues, but still getting strange results that I can't quite put my finger on. Will recreate rules from scratch when I get a chance. For now downgrade to 3.8.8.2_BT fixes all issues.


Still interested to know if others have IPv6 issues on 3.8.9.1_BT?


Rgds


  • hopkins35
  • User
27 Jun 2018 20:02 #3 by hopkins35
Can't speak for IPv6 but for me it created all kinds of HTTPS issues on IPv4, my webserver behind NAT became unreachable and my fingbox appliance stopped functioning despite being whitelisted in both directions. Draytek remoted in, grabbed a copy of my config and have supposedly been lab testing for a week now. 3.8.9.1 is fatally flawed in my experience.

28 Jun 2018 10:51 #4 by admin3

hopkins35 wrote: Can't speak for IPv6 but for me it created all kinds of HTTPS issues on IPv4, my webserver behind NAT became unreachable and my fingbox appliance stopped functioning despite being whitelisted in both directions. Draytek remoted in, grabbed a copy of my config and have supposedly been lab testing for a week now. 3.8.9.1 is fatally flawed in my experience.



Hmm, I may have seen a NAT loopback problem with 3.8.9.1 so far - what kind of HTTPS issues did you see?

Also OP: which ISP? Is it PPP IPv6?



Forum Administrator


  • tighterthan
  • Topic Author
  • Junior Member
28 Jun 2018 13:51 #5 by tighterthan
ISP is Zen

Yes, PPP IPv6


  • hopkins35
  • User
29 Jun 2018 18:13 #6 by hopkins35

admin3 wrote:
Hmm, I may have seen a NAT loopback problem with 3.8.9.1 so far - what kind of HTTPS issues did you see?



I have a webserver sitting behind NAT which also hosts an L2TP VPN, Remote Desktop Gateway and various other services. I have 6 WAN aliases and one of those has redirects and firewall rules set up for said server. I also have a Fingbox network monitoring appliance which requires only outbound communication on a few ports including TCP 443 (I have no firewall restrictions on outbound traffic). After flashing 3.8.9.1, HTTPS access to my webserver completely broke - the RDP Gateway was inaccessible, my website was inaccessible but all other services including the VPN functioned fine, and the Fingbox stopped communicating with the cloud and went offline also. Syslog firewall monitoring showed that the firewall was passing the traffic and I'd even added a specific rule for the Fingbox to explicitly allow its traffic outbound. I was also seeing some random web browsing and certificate errors. Interestingly the Draytek's SSL VPN continued working.

I ended up flashing the firmware 3 times, the last time was so Draytek could grab my config, and each time the same problems occurred. I've not heard anything from them in a week now.
