OpenVPN with IPv6 as transport



  • I want to remotely access my internal network via IPv6. Using IPv4 is not an option as my provider uses carrier-grade NAT. In pfSense 2.1.4, the OpenVPN wizard reports an error when I submit the form that includes the default 2001:DB8::/64 network as the tunneled network.

    The error is "The field 'Tunnel Network' must contain only valid ipv4 CIDR range(s) separated by commas." It appears that the backend is unable to recognize an IPv6 network.

    Is there a workaround or fix for this apparent defect?

    Jeff L.



  • The wizard code does not have the IPv6 fields in it.
    So for that you have to create/edit yourself. I guess you could put some IPv4 numbers in the wizard to make it happy. Then edit the resulting OpenVPN Server, adding IPv6 information and removing IPv4 addresses you do not want.

    or, enhance the wizard code to include IPv6 fields and submit a pull request  ;)



  • Phil,

    Thank you. I will edit the file manually.

    If I knew php, I would definitely take the time to give back to the community.

    Jeff L.



  • Sorry, I mena create/edit using the normal GUI pages rather than the wizard! You do not need to actual do any text file editing.



  • I was successful editing using the GUI.

    Unfortunately, the OpenVPN windows client can't parse an IPv6 address and can't resolve a host with only an AAAA record.

    Fri Nov 14 19:27:33 2014 RESOLVE: Cannot resolve host address: xxx.xxx.duia.us: The requested name is valid, but no data of the requested type was found.
    Fri Nov 14 19:27:38 2014 RESOLVE: Cannot resolve host address: xxx.xxx..duia.us: The requested name is valid, but no data of the requested type was found.

    Off to the OpenVPN forum…