EDIT: I feel like something is failing intermittently because it was working (reachable on multiple tests) for a little then stopped, and I don't think I changed anything even though I was in the admin web interface for the router. I am on FreshTomato 2019-1 on AC-68U (TM-AC1900) connecting fine to a Hurricane Electric 6in4 static tunnel. I can get 19/20 on ipv6-test website (with the 1 short for no PTR record). However, the IPv6 firewall seems to be an issue. I need port 80 and 443 to be open, and I am not sure why they're not. I am not sure what default routes are supposed to look like or maybe the firewall has a weird rule (by default on my setup). Yet, clearing all rules on ip6tables (ACCEPT all) doesn't help. I have a Debian machine with a IPv6 SLAAC address that I want to be reachable. I think this is supposed to be globally reachable even though it's inside my /64 with the router in front. I have this machine's MAC set to receive a static IPv4 address, and the IPv6 address seems to remain the same as well. I was using an addresss given by DHCPv6, but I turned that off. It has a link-local IPv6, which I don't think is usable even if only in the firewall settings. From inside the LAN, the web server is reachable over IPv6, so the router seems to be blocking access from outside. I may gotten a `curl -6` request to work maybe 1 time on a fluke, so it seems like the router firewall failed that one time or I happened to be changing something at the time, but I am not sure what it was. Most or all IPv6 website testers on web say its not reachable over IPv6. My router is pingable over IPv6. I can also reach SSH or the admin web interface (using alternate port) if I turn on remote access options. I can't post a link, and I may be changing my IPv6 while I try to fix this, but you can piece together the following for the URL. Host: tacden. TLD: net. I tried to post route and firewall output, but the site thought it had a link. The output will still show the IP 2001:470:1f06:ae3::9062:f334 but I am trying to make 2001:470:1f06:ae3::22 work. Look for pastefs pid/112369 if it helps. Any guidance will be appreciated.