NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Getting IPV6 to Un-Filter ICMP???
R7800 (latest .63 firmware)
Hello. Is there a way to un-filter ICMP messages using IPV6 on the R7800 router?
I’ve tried BOTH stock firmware and Voxels firmware to no avail. My previous Asus routers did this automatically but I can’t seem to get it to work or manually adjust the settings to get it to work in the R7800.
I’m getting the following message when running an IPV6 test:
[quote] 1. Reconfigure your firewall
Your router or firewall is filtering ICMPv6 messages sent to your computer. An IPv6 host that cannot receive ICMP messages may encounter problems like some web pages loading partially or not at all.[/quote]
Any help or guidance is greatly appreciated. Thanks in advance.
Hello. Is there a way to un-filter ICMP messages using IPV6 on the R7800 router?
I’ve tried BOTH stock firmware and Voxels firmware to no avail. My previous Asus routers did this automatically but I can’t seem to get it to work or manually adjust the settings to get it to work in the R7800.
I’m getting the following message when running an IPV6 test:
[quote] 1. Reconfigure your firewall
Your router or firewall is filtering ICMPv6 messages sent to your computer. An IPv6 host that cannot receive ICMP messages may encounter problems like some web pages loading partially or not at all.[/quote]
Any help or guidance is greatly appreciated. Thanks in advance.
- A Netgear engineer replied to my inquiry about this issue with the following:
————————————————
As per our router specification "An implementation MUST NOT send out the ICMPv6 echo reply on the router’s WAN interface if the “Respond to Ping on Internet Port” option is not enabled” for security reasons. So that means in order to allow this user must enable respond to ping on internet port. R7800 should have an option for IPv6 ping on the debug page. If you go to debug page you should see an option called “Allow external IPv6 hosts ping internal IPv6 hosts” and user need to enable this if he wants external IPv6 address to ping internal ones."
To access the debug page, just type this address on your browser 192.168.1.1/debug.htm or routerlogin.net/debug.htm and login using the router's credentials. Scroll down to the bottom and look for Allow external IPv6 hosts ping internal IPv6 hosts and enable it.
——————————————-
Should I try this or is this a security concern? Not sure what to make of this. Thanks
14 Replies
Nope. There is no luck getting Netgear to change this. It's been hashed for years. Netgear considers responding to ICMPv6 echo requests as a security threat and will not change. There firewall is closed source so Voxel can't fix it either. At this point if you want properly running IPv6 use a Asus router or router from another source. I know sad but true....
- Thanks for your prompt reply. Too bad that Netgear won’t implement a fix. I’ve tried Asus routers and while their firmware is top notch (especially Merlins) - their hardware and wireless performance is not on-par with others. Pick your poison I guess.
In regards to firmware for the R7800 - is the general consensus to stick with stock Netgear firmware or use Voxels firmware?
Curious as to what the community recommends.
ThanksI would stay with Voxel's. He just released a new version today for the 7800. 1.0.2.70SF. He keeps all the behind the scenes packages updated were Netgear continues to use old and outdated packages even with new firmware releaes. I can say with certainty that my R7800 will be my last purchase from Netgear there firmware is just to old, crusty, unstable and outdated to be relevent in late 2019.