Hi Guys,

My ISP Zen have activated IPv6 on my account and I have setup one of my NAS boxes with an IPv6 address for test purposes. The IPv6 address on the NAS has an AAAA record assigned at my ISP domain register.

OK, my question is, how do I allow only the one IPv6 address to come in from the WAN to my LAN (NAS) without having everything else on my network also available on the WAN.


I tried creating 2 IPv6 objects. 1) with my IPv6 range from my ISP and 2) one with my IPv6 address of my NAS.

In my firewall the first rule is set from WAN >> LAN/VPN to block my IPv6 range via object with Block if no further match.
The second firewall rule is set to allow my second IP object (my NAS IP).

Problem is when I enable the first rule it blocks all IPv6 coming in. I thought that the Block if no further match option would allow the 2nd rule to work.

Can someone please assist me.

Thanks

John