Switch OpenVPN to IPv6

pixel24

Hi@all,

I had a working OpenVPN configuration on my pfSense. Now my connection has been switched to IPv6-only and I have to adapt the OVPN server. My server has a valid IPv6 from the provider and can also be reached under this. I have configured an IPv6 dual stack in the LAN (behind the pfSense). The hosts (servers) have a public IPv6 (provider delegation + SLAAC) and a static ULA address.

My public IPv6 prefix is:

xxxx:yyyy:2180:8e10::/62

The pfSense has a WAN interface:

xxxx:yyyy:2180:8e00:6ce5:7bff:fe10:c05b

My ULA in the LAN is:

fdd0:a044:0f4c:0000:: /64

The pfSense has a LAN interface:

[2.7.2-RELEASE][root@gate01.lan.xxxx.club]/root: ifconfig
vtnet0: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
	description: LAN
	options=c03b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,VLAN_HWTSO,LINKSTATE>
	ether 66:xx:19:xx:32
	inet 192.168.83.254 netmask 0xffffff00 broadcast 192.168.83.255
	inet6 fe80::64b2:19ff:fef9:5232%vtnet0 prefixlen 64 scopeid 0x1
	inet6 fe80::1:1%vtnet0 prefixlen 64 scopeid 0x1
	inet6 fdd0:a044:f4c::fe prefixlen 64
	inet6 xxx:yyyy:2180:8e1c:64b2:19ff:fef9:5232 prefixlen 64
	media: Ethernet autoselect (10Gbase-T <full-duplex>)
	status: active
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

I have changed the protocol in the configuration:

UDP on IPv4 only -> UDP on IPv6 only:

What do I have to configure under "IPv6 Tunnel Network"?

I have adapted my firewall rule for IPv6:

Can anyone tell me what else I need to configure?

with best
pixel24

the other

@pixel24
hey there,
you write that you want to change to IPv6 udp for openVPN but your screenshot shows you configured TCP port 1194...might be a problem, since UDP 1194 is standard port for openVPN (default), with TCP most ppl chose 443 (in order to reach your VPN in strict surroundings > hotel where UDP ist closed).

Your firewall rule relates to v4 and v6 UDP, so it is a mismatch there...

JKnott

@pixel24 said in Switch OpenVPN to IPv6:

Can anyone tell me what else I need to configure?

You can configure OpenVPN to work over IPv6, IPv4 or both. Mine's configured for both. You can also configure the tunnel for both or either.

pixel24

@the-other said in Switch OpenVPN to IPv6:

you write that you want to change to IPv6 udp for openVPN but your screenshot shows you configured TCP port 1194...might be a problem, since UDP 1194 is standard port for openVPN (default), with TCP most ppl chose 443 (in order to reach your VPN in strict surroundings > hotel where UDP ist closed).

I made a mistake, I changed it to IPv6 UDP (1194).

That was the problem. Now it works :-)