Hi,
I try to use ipv6 udp as a transport between win10 client and linux server (tun). Server side (arch linux) has privacy extension for IPv6 ON.
What impressed me, the connection fails on TLS error just at the very beginning. This is because the server response is from another ipv6 address than client comunicates to. Server frame is received from "temporary dynamic" address, which simply generates error.
Is there any way to work with privacy extensions?
Regards,
Jacek
IPv6 privacy extension on server side
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
- OpenVpn Newbie
- Posts: 1
- Joined: Sat Nov 11, 2017 10:17 pm
-
- OpenVpn Newbie
- Posts: 1
- Joined: Sun Oct 18, 2020 11:10 am
Re: IPv6 privacy extension on server side
Hi jacgl
I have the exactly same issue, it is only a few years/releases later (2.5 rc2) and my server is a windows machine. The OpenVPN server replies on a temporary IPv6 address when it got contacted before on it's permanent IPv6 address by the client. It fails - in a first place because firewalls will block the reply due to the unknown sender address.
Did you get any hints how to work around this issue without switching off the privacy extension?
Ronald
I have the exactly same issue, it is only a few years/releases later (2.5 rc2) and my server is a windows machine. The OpenVPN server replies on a temporary IPv6 address when it got contacted before on it's permanent IPv6 address by the client. It fails - in a first place because firewalls will block the reply due to the unknown sender address.
Did you get any hints how to work around this issue without switching off the privacy extension?
Ronald