Has anybody gotten the OpenVPn wizard to actually work with ipv6?
Doesn't seem to work for me.
On the step where it asks for the Tunnel network, it won't take the ipv6/64 net I give it, error message says it needs an ipv4 network? I go ahead and give it a 10.x.x.x/24 to get past the step.
Then when it finishes the wizard the firewall rule it creates on the WAN is for ipv4 only? What good is that for ipv6? I manually change it to ipv6/ipv4.
Still doesn't work properly. I can get it to connect internally, but not external.
My goal is to get it to work for ipv4 and ipv6 on the external interface, but all of my internal network is ipv6.
JKnott last edited by
When I set up my VPN, I had no problem setting it up to carry both IPv4 and IPv6. However, the tunnel is configured to be carried on IPv4 only, due to DNS issues. Is that 10.x.x.x for the tunnel address or the transport?
In the wizard it asked for a tunnel address and I gave it a 10.23.70.0/24, which let me proceed. I think I tried to add ipv6 subnet on the same line but I don’t think it liked that. I have a /56 and want to delegate my prefix 70 to the VPN.
After the wizard finished I manually added my ipv6 prefix to the ipv6 tunnel. I also manually added firewall rules to pass the ipv6 traffic out of the OpenVPN interface. I also added both ipv6 and ipv4 address of the interface for DNS. It seemed to kind of work when I connect locally but not remotely. It connects and I see it gets local addresses on my iPhone but unable to open web pages.
It is in a VM and I did a checkpoint first so I am thinking I will roll it back and try to manually create it without the wizard today.
I have not been able to find a guide that doesn’t just hand wave ipv6.
What I am trying to accomplish, is to be able to remotely connect from an iPhone or iPad to an internal ipv6 only host. Most of the time the external connection is cellular so ipv6. However I also want to cover the case where I am connected to a WiFi with ipv4 only.
I probably should also be looking at IPSec but the documentation is confusing to me.
JKnott last edited by
I think I tried to add ipv6 subnet on the same line but I don’t think it liked that. I have a /56 and want to delegate my prefix 70 to the VPN.
That's likely your problem. There are 2 separate Tunnel Settings boxes for IPv4 and IPv6
I think I will put this on hold for a while and read the documents some more and look at ipsec vs OpenVPN. Since I am only using iPhone and ipad as remote clients, to see which plays best with ipv6.
The wizard only fully supports IPv4. There is a selection in the protocol for IPv6 but only because that box mirrors what is available in the server configuration page.
Though you can easily add IPv6 to an existing VPN by setting appropriate IPv6 tunnel networks, routes, and firewall rules.