I have three UCS servers running in my network on one VMWARE. Since we only have one IPv4, I was able to reach exactly one from the outside. That was the one Kopano is running on.
All are running 4.4-1
Since we now also got IPv6, I could now assign an address to each of the servers via SLAAC.
ifconfig also shows me the addresses on eth0. The addresses are reachable via ping or tracert. Internally as well as externally.
But on one machine I can’t reach apache via ipv6, neither externally nor internally. The firewall rules on the pfsense are the same for all three machines (except of course the target ip.) I have checked the addresses several times and am sure that I have no error in the IP.
Interestingly, Let’s Encrypt can easily order a certificate, so ports 443 and 80 must be accessible from the outside.
Even if I bypass the DNS and enter the ipv6 from the internal network directly into the browser, there is no answer from Apache … but i can ping it. in the internal network there is an any2any-allow rule for ipv6, so at least it should work there.
What can be the problem?
https://core.wedia.de only ipv4 seems to work internaly. no external ipv4
https://mannheim.wedia.de ipv4 and ipv6 both working internally and externaly
https://smb.wedia.de only ipv6 externaly available and working fine. ipv4 internaly also okay.
here my tracert from home to the “core” …
tracert core.wedia.de
Routenverfolgung zu core.wedia.de [2a00:1e80:71:0:250:56ff:fea6:592]
über maximal 30 Hops:
1 <1 ms <1 ms <1 ms p200300C387159000464E6DFFFE5EB215.dip0.t-ipconnect.de [2003:c3:8715:9000:464e:6dff:fe5e:b215]
2 4 ms 3 ms 3 ms 2003:0:8300:7800::1
3 6 ms 5 ms 6 ms 2003:0:1309:4017::1
4 6 ms 5 ms 5 ms 2003:0:1309:4017::2
5 6 ms 5 ms 5 ms lo-0-v6.ear2.Frankfurt1.Level3.net [2001:1900:2::3:111]
6 6 ms 5 ms 5 ms MANET-GMBH.edge3.Frankfurt1.Level3.net [2001:1900:5:2:2::a2]
7 8 ms 7 ms 7 ms 2a00:1e80:8:13::2
8 8 ms 7 ms 7 ms 2a00:1e80:8:3::2
9 8 ms 8 ms 8 ms 2a00:1e80:6:13::5
10 9 ms 8 ms 7 ms 2a00:1e80:71:0:250:56ff:fea6:592
Ablaufverfolgung beendet.
Translated with www.DeepL.com/Translator