[solved] IPv6 Traffic not routed via IPsec
-
Hi,
I'd like to test handing out IPv6 GUAs to my IPsec clients. Therefore I configured IPsec to also use an IPv6 address pool (xxxx:xxxx:xxxx:xx80::/64 is currently not in use, of course):
(currently I have a dynamically changing prefix, but that's another topic, see other post). This works. My clients get an IPv6 GUA that looks just fine, and in the pfSense GUI I can also see the expected information:
The strange thing is: I can't reach anything via this address. Of course the firewall rules do allow traffic to my home net and also to the internet. But on the client I'm always running into timeouts when using IPv6 (ping6, ssh, ...).
I also included a "catch all" firewall rule at the end of the IPsec tab to reject and log everything that wasn't allowed. I don't see any log entries in the firewall log.
This leads me to the conclusion that pfSense probably doesn't know how to route the IPv6 IPsec traffic?!? What am I missing?
I also added IPv6 support to OpenVPN. This works just fine without any additional configuration.
Thanks
-
Ok, I was stupid.
My Phase2 was not configured correctly.
"Local Network" was set to ::/128 when it should have been ::/0.
It's now working.
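
The difference between the two Phase 2 values, as an added example that is not part of the original posts: the "Local Network" entry acts as a traffic selector, and `::/128` covers only the unspecified address `::`, while `::/0` covers every IPv6 destination. The function names are hypothetical and the destination addresses are constructed from the 2001:db8::/32 documentation prefix.

```python
import ipaddress

def selector_covers(selector: str, destination: str) -> bool:
    """True if the destination address falls inside the Phase 2 selector."""
    net = ipaddress.ip_network(selector, strict=True)
    addr = ipaddress.ip_address(destination)
    return addr.version == net.version and addr in net

def audit_local_network(selector: str, destinations: list[str]) -> dict:
    """Check a Phase 2 'Local Network' value against destinations clients need."""
    net = ipaddress.ip_network(selector, strict=True)
    findings = []
    # "::" or "0.0.0.0" with a full-length prefix is a single host entry for the
    # unspecified address, not "any". A prefix length of 0 is what means "any".
    if net.network_address.is_unspecified and net.prefixlen == net.max_prefixlen:
        findings.append(
            f"{selector} matches only the unspecified address; "
            f"use {net.network_address}/0 to cover all destinations"
        )
    covered = [d for d in destinations if selector_covers(selector, d)]
    uncovered = [d for d in destinations if d not in covered]
    return {"covered": covered, "uncovered": uncovered, "findings": findings}

# Constructed sample destinations: a host on the home network and one on the internet.
SAMPLE_DESTINATIONS = ["2001:db8:1::10", "2001:db8:ffff::1"]

if __name__ == "__main__":
    for selector in ("::/128", "::/0"):
        result = audit_local_network(selector, SAMPLE_DESTINATIONS)
        print(selector, result)
```
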