Routing problems with IPv6 over OpenVPN

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
ColinDexter
OpenVpn Newbie
Posts: 1
Joined: Wed Jul 18, 2018 6:49 am

Routing problems with IPv6 over OpenVPN

Post by ColinDexter » Wed Jul 18, 2018 6:57 am

'm trying to set up an OpenVPN server to enable clients to use its IPv6 subnet. The server is running Debian stretch. IPv4 connectivity works flawlessly but there are some strange issues with IPv6. The client does obtain an IPv6 address when it connects, but you can only ping the server itself (eth0).

The IPv6 address is assigned to eth0 from the subnet provided by my hosting provider and everything works from the server; for example, I can ping ipv6.google.com from it.

When I set net.ipv6.conf.all.forwarding = 1 the server lost it’s ipv6 adres on eth0.

I have from my provider a 2001:xxx:xxx:fe::/64 IPv6 address. And my server config looks like this:

Code: Select all

dev tun
tun-ipv6
proto udp
port 1194

ca ca.crt
cert server.crt
key server.key
dh dh2048.pem

server 10.8.0.0 255.255.255.0
server-ipv6 2001:xxx:xxx:fe::/64

push "redirect-gateway def1"

# your local subnet
push "route 192.168.12.0 255.255.255.0" 
push "route-ipv6 2000::/3"

push "dhcp-option DNS 192.168.12.1"

log-append /var/log/openvpn

remote-cert-tls client

persist-key
persist-tun
user nobody
keepalive 10 120
group nogroup
status /var/log/openvpn-status.log
verb 3
client-to-client
comp-lzo

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Routing problems with IPv6 over OpenVPN

Post by TinCanTech » Wed Jul 18, 2018 3:34 pm


Post Reply