IPv6 only VPN
I need to setup a Client-VPN and Site-to-Site to Pfsense, and I only have IPv6, no IPv4.
I read possibilities to tunnel IPv6 through a IPv4 VPN, but this not an option as I dont have IPv4.
Is there a way to accomplish that with Pfsense?
Any pointers would be welcome.
IPv6 VPN should work same as IPv4 from the interface!
Ok, I tried again.
Unfortunately the Client cannot connect to the PFsense server yet.
First of all I have the following situation:
- The Pfsense FW has a true IPV6 IP address on the internet.
- My OpenVPN client has only IPv4, I am using Teredo to connect using IPV6 (this works Ok, can connect to internet sources using Ipv6). Is it even possible to use a IPv6 VPN through a Teredo connection?
I installed the VPN server and installed the client on my Win8 PC, but cannot connect at all.
To configure OpenVPN I used the following guide: https://chubbable.com/setup-openvpn-pfsense
What I did:
- Setup CA
- Installed Pfsense VPN Server certificate on PFsense
- Created a user
- Created a user certificate
- installed the client export utility
Because I cannot seem to use the Wizard (see notable things below), I create the Open VPN server manually with settings:
- Protocol: UDP6
- Device mode : Tun
- Ipv4 Tunnel network address set to a fantasy Ipv4 address I do not have on the WAN interface
- Ipv6 Tunnel network address set a real Ipv6 internet Address in the range of the WAN interface
- Opened up FW rules for the OpenVPN interface
- Opened up FW rules on the WAN interface
- Export Client Package and installed on my win8 PC.
- It cannot connect at all. Error : "Connecting to client failed"
- Cant find any logs on the client.
- I dont see any traffic in the Pfsense logs when trying to connect from the client.
Notable thing I run into:
When using the wizard to create a new Open VPN server, It requires me to use an IPv4 address for the Tunnel network. I only have IPV6. Error when saving: " The field 'Tunnel Network' must contain only valid ipv4 CIDR range(s) separated by commas. " Is this to be expected?
When not using the wizard, I can configure an IPv6 Tunnel Network Address, but I also MUST configure a IPv4 Tunnel Network address, If I don't error: "The field Tunnel network is required." Is this to be expected?
Well, got it working.
I tried over from another pc, which has a true IPV6 address.
I can now setup the IPv6 OpenVPN tunnel.
Also I can now access IPV4 resources on the LAN, Through the IPv6 tunnel.
I gave up trying through Teredo