I have a tunnel from SiXXs and a /48 subnet assigned. I have the tunnel setup, an IP on the internal interface as a /64, and the advertise prefix enabled. All my hosts are getting IPv6 address and can browse the internet just fine. I do not have NAT enabled for IPv6 nor web filtering.
My issue is with incoming traffic not being blocked. I have added a firewall rule that is supposed to block all ipv6 internet going to the "tunnel broker subnet". However, when going to a looking glass site and entering the IPv6 address of one of my internal hosts, I can ping and traceroute all the way with with no blocking.
I will update this later today once I get a screen shot of the exact rule.
This thread was automatically locked due to age.
