Hi all, great to be here!
I just set up a guest network using the instructions from this page:
https://wiki.teltonika-networks.com/view/How_to_set_up_a_guest_WiFi_network_on_RUTX
I followed the “Alternative Firewall rules” variant. This is working and enabling IPv4 connectivity, but there is no IPv6 connectivity. Might it be possible to update the guide to account for IPv6 as well? Many thanks in advance!!
Hello,
Currently, it is only possible to use IPv4 as the Hotspot network. However, I will consult with our developers regarding IPv6 support and get back to you once I receive an update.
Best regards,
That would be great!! Many thanks. My connection is actually IPv6-only, with CLAT in the RUTX50 modem handling IPv4. So having only IPv4 in this setting is quite odd 
I guess the support is there and it would be a matter of adding the right steps to the tutorial.
Hello,
Could you please try setting the IPv6 assignment length on the guest interface as shown below?
Let me know how it goes!
best regards,
Many thanks for the response! I just tried this, but it does not seem to work just yet. Might it be possible I also need to adjust something related to the firewall?
It seems I needed to set the assignment length to 60 and allow ICMP traffic for the router advertisements to arrive.
I can still access the router over HTTP and SSH though. I’ll see if I can explicitly block that at least.
I’m not yet there unfortunately. I realized that there were issues with IPv6 networking after I made this change and then I observed that my br-lan and br-ifLan2 (assigned for the guest network) had the same IPv6 address and it ended with /64, despite that the assignment length being set to /60.
I then found this topic: How to send prefix hint on wwan interface
I noticed that the qmimux0 interface had a /128 address, so that did not seem good. I tried:
uci set network.mob1s1a1.dhcpv6='1'
uci set network.mob1s1a1.reqprefix='48'
uci commit network
/etc/init.d/network restart
Now I’m getting a /64 address on the qmimux0 interface, but I still see also only a /64 on the br-lan interface.
The br-ifLan2 interface isn’t getting any public IPv6 prefix assigned at all now. Possibly I’m still not getting a long enough IPv6 prefix, but I’m not sure how to see what kind of prefix I am receiving.
It seems I cannot get a prefix shorter than a /64 so I cannot just use another network for the guest network. I’ve been looking at using IP masquerading.
Note that I’m using fdb3::/64 for the guest network (IPv4 192.168.179.0/24, similar to the default of devices from another manufacturer).
I followed the answer from this page: IPv6 guest network on OpenWrt, but ISP only delegates one /64 subnet - Server Fault
The UI doesn’t have all the options from luci yet though, so I looked at the equivalents uci commands, which I think would be:
root@RUTX50:~# uci set network.ifLan2.ip6addr='fdb3::1/64'
root@RUTX50:~# uci set network.ifLan2.ip6prefix='fdb3::/64'
root@RUTX50:~# uci set dhcp.ifLan2.ra='server'
root@RUTX50:~# uci set dhcp.ifLan2.dhcpv6='server'
root@RUTX50:~# uci set dhcp.ifLan2.ra_default='2'
root@RUTX50:~# uci set firewall.3.masq6='1'
root@RUTX50:~# uci set firewall.3.masq_src='fdb3::/64
With ifLan2 corresponding to the guest interface and firewall.3 corresponding to the WAN zone.
Unfortunately it’s not yet working:
$ ping ip6only.me
PING ip6only.me(2001:4810:0:3::78 (2001:4810:0:3::78)) 56 data bytes
From fdb3::1 (fdb3::1) icmp_seq=1 Destination unreachable: No route
From fdb3::1 (fdb3::1) icmp_seq=2 Destination unreachable: No route
From fdb3::1 (fdb3::1) icmp_seq=3 Destination unreachable: No route
I guess quite a few mobile networks might provide just a single /64, so it would be great to have documentation using IP masquerading for IPv6 on the guest interface.
If you have any hint one what might still be wrong in my configuration, any advice would be great!
Hello,
I have sent you a form to fill out. Once completed, I will contact you privately.
For reference, please use the Ticket ID “11267” when communicating about this matter.
Best regards,