How to access local port 80 via internet using ipv6 port forwarding?

Technical Support for Routers
1

@alzhao @admon @Satyam500160
how to allow local port 80 via internet using ipv6 for GL-X3000 without vpn?
My ISP is jio india.
currently i have set ipv6 to passthrough and show ipv6 2409:.... all other setting on default. no any changes made.
how to allow ipv6 firewall? no option for ipv6 firewall on GL-inet web ui.
Can you please help me.

Thank you

3

Do you want to use ipv6 address to access webui?

4

I think jio is using CGNAT, so you won't be able to bypass it unless you use a VPN client with port forwarding or a peer-to-peer connection like tailscale or zerotier.

5

i want to access some port of RPI.

6

I've tried several methods to access my UDM Pro remotely, but none of them have worked as well as direct access. I've tried using a Cloudflare tunnel and Tailscale, but both of those methods are very slow.

7

some one told on YouTube it's possible using ipv6.

8

i already use cloudflare tunnel but speed is very slow. i need for upload/download file on RPI via internet using web based file manager. that already install on port 80.
i want to get faster speed on upload.

9

yes we can do it, One of the main advantages of IPv6 is that it does not require Network Address Translation (NAT). In IPv6, every device can be assigned a unique, globally routable IP address. This eliminates the need for CGNAT, which is used in IPv4 to conserve the limited number of available public IPv4 addresses.

10

then how to do it?
how to allow port 8080 on Gl-X3000 for ipv6?

11

login into your router via ssh/sftp

go to this path /etc/config/firewall and look for the existing rules related to port forwarding and add a new rule specifically for IPv6 and port 80:

config rule
option src 'wan'
option dest 'lan'
option proto 'tcp'
option dest_port '80'
option target 'ACCEPT'
option family 'ipv6'
12

how to add from Luci interface?

13

is your ipv6 globally routable ip address?

14
  • Navigate to the Firewall settings:
  • Go to Network > Firewall.
  • Create a new traffic rule:
  • Click on Add to create a new rule.
  • Configure the rule for port 80 (HTTP):
  • Name: Give the rule a name, like "Allow IPv6 HTTP Access."
  • Source Zone: Select WAN.
  • Destination Zone: Select Device (input).
  • Destination Port: Set this to 80 for HTTP access.
  • Protocol: Choose TCP.
  • Source IP Address: Leave it empty or set specific allowed IP ranges if you want.
  • Family: Choose IPv6.
  • Action: Set this to Accept.
  • Add a rule for port 443 (HTTPS):
  • Repeat the steps above, but set the Destination Port to 443 for HTTPS.
  • Save and apply the changes:
  • Once you have created the rules, click Save & Apply.

Try this method once.

15

@mdpatel how you managed to get ipv6 on gl x3000?

16

Most ISPs will provide IPv6 now

image
image711×428 13.4 KB

17

@Satyam500160 working fine after open port 80. and then access http://[ipv6] on browser.

Screenshot_20240930_132843_Chrome
Screenshot_20240930_132843_Chrome1080×1115 103 KB

How to run .sh script on every ipv6 change?
And how to forward port 80 to another LAN ip?

18

@bruce @Satyam500160
After open port 80 can access web GUI of GL-inet using ipv6 ip address that start from 2409:..

But, when forword port 80 to another port like 19999 (netdata) then not take any changes always open GL-inet UI on port 80 when open http://[ipv6]
why?

Screenshot_20240930_154742_Chrome
Screenshot_20240930_154742_Chrome1079×1576 147 KB

19

Solved:

  1. open ipv6 port 8080 on router
  2. add AAAA record on cloudflare with test.domain.com
  3. create script that update ipv6 to AAAA DNS record on cloudflare subdomain
  4. Add Origin Rule for domain.com > Rules > Origin Rule:
    wildcard: https://test.domain.com/*
    Destination port: 8080
  5. create hotplug script that run on ipv6 update.
  6. done.
2 Likes