Setting up IPSec/Firewall for printer with ipv4 address, allowing ipv6

jru asked:

I have an HP P4014dn printer with a publicly accessible static IPv4 address. It’s also enabled with a link-local FE80 IPv6 address.

I’ve setup the IPSec/Firewall settings to allow traffic from only the IPv4 address ranges we use on our campus. But there is also a WiFi network available outside that uses IPv6 addresses only. All of the IPv4 address can access the printer fine, but I can’t seem to figure out how to allow IPv6 addresses through.

When I go into the printer firewall settings, it asks to specify a local and remote address. Even when I set the remote IPv6 range of our Wifi network, and set the local to all possible IPv6, I still am unable to access the printer from the WiFi.

The settings require that both local and remote be in the same IPv4/IPv6 protocol version.

Printer config

Thanks in advance.

My answer:

If your printer has only a link-local IPv6 address, then it is reachable via that address only from other devices on that specific layer 2 link.

In order to reach the printer via IPv6 from outside the LAN it’s on, it needs a routable IPv6 address, such as a global or ULA address.

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.