Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPSec tunnel ending at IPv6

    Scheduled Pinned Locked Moved IPv6
    5 Posts 3 Posters 1.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      Bai Shen
      last edited by

      I'm using pfSense 2.0.3.  I have "Allow IPv6" unchecked.  "IPv6 over IPv4 Tunneling" is unchecked as well.  I have created an IPSec VPN and can successfully connect from my phone.  Whenever I connect using the VPN, I connect to the internet via IPv6, and as such most of it doesn't work.

      Any idea why I would be using IPv6 when connecting via IPSec and how to turn it off?

      Thanks.

      1 Reply Last reply Reply Quote 0
      • R
        razzfazz
        last edited by

        Are you sure this isn't just a case of the VPN not working at all (effectively killing IPv4, if you set it to route everything through the VPN) and (untunneled) IPv6 being all that's left for the client?

        1 Reply Last reply Reply Quote 0
        • B
          Bai Shen
          last edited by

          That's probably the case.  I just didn't think of it originally. :)

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            Even with those boxes set, 2.0.x did not support IPv6 in anything – especially IPsec. Those boxes would only allow you to pass IPv6 traffic to a firewall behind pfSense.

            You cannot mix IPv4 and IPv6 in an IPsec tunnel even on pfSense 2.1 where IPsec does support IPv6. The inner IP traffic family must match the outer IP traffic family. IPv4 tunnels can only carry IPv4, and IPv6 tunnels can only carry IPv6. So it's not very useful for what you're trying to do.

            On 2.1 with OpenVPN you can use both inside of an OpenVPN tunnel, including a remote access tunnel, as a way to get IPv6 Internet access over VPN.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • R
              razzfazz
              last edited by

              Note that he said '"Allow IPv6" unchecked' – he specifically does not want IPv6.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.