Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN IPv6 tunnel issue…

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 1.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dkbrig
      last edited by

      It appears that several years ago this issue was resolved when using IPv4, however it still seems to exist when using IPv6.  The issue in question is:

      https://redmine.pfsense.org/issues/1025

      I have an IPv6 OpenVPN client set up, if I leave "Local port" blank or set it to "0", in the configuration file I get the following parameters set:

      local 2001:XXX:XXXX:XX::X
      nobind
      management /var/etc/openvpn/client5.sock unix
      remote 2a02:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx XXXX

      The local and nobind directive do not go together and therefore cause an error, so the OpenVPN client doesn't start:

      Jan 16 06:56:15 openvpn 71074 Use –help for more information.
      Jan 16 06:56:15 openvpn 71074 Options error: --local and --nobind don't make sense when used together

      I might add that I am using an IPv6 tunnel broker, so my IPv6 interface is separate than my IPv4 interface.

      I am able to work around by actually specifying a local port other than 0.  Or I can go into the pfSense shell and manually edit the client configuration to remove the nobind directive.

      With IPv4, and not specifying the "Local port" parameter, it creates the following relevant entries in the client configuration file:

      local 68.xxx.xxx.xxx
      lport 0                        <------------------------------------- WORKS ------------------------
      management /var/etc/openvpn/client1.sock unix
      remote xxx.xxx.xx xxx

      The only difference in my client configuration I use an IPv6 tunnel interface and specify UDP6 as the protocol, the other I specify my WAN interface and UDP as the protocol.  And of course, different IP addresses for the different interfaces.

      Anyway, it appears there is different behavior in creating the OpenVPN client configuration file, depending on whether you use UDP or UDPv6 as the protocol.

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        I fixed this a few days ago on 2.4: https://github.com/pfsense/pfsense/commit/b42ccf1504eca5e40bfb49b0afb688fffe293a7a

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • D
          dkbrig
          last edited by

          Thanks!  I will wait for 2.4 then…

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.