IPv6 Prefix delegation for Yggdrasil

Hi,

I have installed Yggdrasil and it’s corresponding luci-app via opkg and it works so far. I am connected to peers and I have enabled prefix delegation on the interface and configured an IPv6 assignment length of 64.

I can ping Yggdrasil addresses like 319:3cf0:dd1d:47b9:20c:29ff:fe2c:39be directly from the router, but not from connected clients. When I try, I get
From <my ipv6 router ip> icmp_seq=1 Destination unreachable: Port unreachable

I guess there is some firewall configuration missing? Has anyone managed to get this working and can share the relevant configuration parts?

I’m not using Yggdrasil (yet) but did you allow traffic from your clients’ firewall zone to whatever zone Yggdrasil’s interface is assigned to?

Hm I have edited the rule with Accept - Accept - Accept.

Now it seems packets are just dropped. No more Port unreachable, just 100% packet loss

Tried with these settings now:

waterfox_ZlAnELzUv5

When you set accept-accept-accept on wan zone you basically disable the firewall which is a security issue