0

I am currently on a IPv4 network. The IPv4 network is accessed by a router, which gives my machines IPv4 addresses via NAT.

On one of the machines, a Windows 2008 64-bit machine, I have set up a IPv6 tunnel. This allows me to access IPv6 sites by using IPv6 to IPv4 tunnelling to a IPv4 server, which de-encapsulate the packets and routes them to the IPv6 sites.

After setting up the IPv6 tunnel, I noticed a security issue. All ports exposed by the Windows machine is accessible by anyone who knows my IPv6 address.

My question is, does anyone know how I can block traffic at the IPv6 tunnel?

I have Googled around, but so far, I have been unable to find any solutions.

Thank you.

chuacw
  • 175
  • 10

2 Answers2

1

Not entirely sure why the answer from @balgan had a downvote, but to expand essentially I would recommend the same thing which is to use the windows firewall which ships with Server 2008 to protect that host and block access to services over the IPv6 tunnel interface.

If you've not running the firewall already to block IPv4 connections, you could add a custom rule specifically for the IPv6 address that you've got assigned to the host via the windows firewall management gui.

Rory McCune
  • 60,923
  • 14
  • 136
  • 217
0

http://technet.microsoft.com/en-us/library/bb726938.aspx here ya go, if u just want to use windows firewall to block IPv6 related stuff

balgan
  • 316
  • 1
  • 6