OpenVPN server with IPv6 only, IPv4 only and dual-stack clients

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
kocsisk
OpenVpn Newbie
Posts: 1
Joined: Fri Jul 31, 2020 7:16 am

OpenVPN server with IPv6 only, IPv4 only and dual-stack clients

Post by kocsisk » Fri Jul 31, 2020 8:10 am

Greetings!

What I am trying achieve is running an openvpn server on an Ubuntu 18.04.1 machine that is able to receive connections from IPv4/IPv6 clients. The server is provisioned in Azure. I didn't really find anything about how the client and server configurations vary in such case. I somehow managed to expose the port of the OpenVPN service to udp6 to a specific port (1198).

I also am not familiar with the purpose of all of the lines because of the lack of networking experience:
ifconfig-ipv6
push "route-ipv6...
push "redirect-gateway ipv6 def1 bypass-dhcp"

Here's my server config:
Server config

port 1198
proto udp6
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
tls-crypt tc.key
topology subnet
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 1.0.0.1"
keepalive 10 120
cipher AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
crl-verify crl.pem
explicit-exit-notify

server-ipv6 ace:cab:deca:deed::4
tun-ipv6
push tun-ipv6
ifconfig-ipv6 ace:cab:deca:deed::1 2603:1020:702:3::2
# push "route-ipv6 ace:cab:deca:deed::/64"
push "redirect-gateway ipv6 def1 bypass-dhcp"
push "route-ipv6 ::/0"


client config:
Client config

client
dev tun
proto udp6
remote "openVPN server IPv4" 1198
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
auth SHA512
cipher AES-256-CBC
ignore-unknown-option block-outside-dns
block-outside-dns
verb 3
<ca>
</ca>
<cert>
</cert>
<key>
</key>
<tls-crypt>
</tls-crypt>
Last edited by Pippin on Fri Jul 31, 2020 8:14 am, edited 1 time in total.
Reason: Formatting

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: OpenVPN server with IPv6 only, IPv4 only and dual-stack clients

Post by TinCanTech » Fri Jul 31, 2020 12:23 pm

kocsisk wrote:
Fri Jul 31, 2020 8:10 am
I also am not familiar with the purpose of all of the lines
Start with the documentation.
kocsisk wrote:
Fri Jul 31, 2020 8:10 am
because of the lack of networking experience
I am available for hire.

tincanteksup <at> gmail dot com

Post Reply