Menu
What's new
By:
Filters Better Search

OpenVPN and IPV6

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Vitaliy69

Vitaliy69

New Around Here
Hello!

I have the static native IPv6 network from my ISP. How do I allow clients to work through the IPv6 network?

I added to server user's settings:
proto udp6
server-ipv6 2002:d040:79a1:5::/64
push "route-ipv6 2000::/3"
push "dhcp-option DNS 2001:4860:4860::8888"

Then apply the firewall rules:
ip6tables -A INPUT -i tun21 -j ACCEPT
ip6tables -A FORWARD -i tun21 -j ACCEPT
ip6tables -I INPUT -p tcp --dport 1194 -j ACCEPT
ip6tables -I INPUT -p udp --dport 1194 -j ACCEPT

Add to the client settings tun-ipv6 option. The clients successfully got an IPv6 address, but IPv6 network is unreachable.

What am I doing wrong? Maybe some the firewall issue?

Thanks in advance!
 
Last edited:
I've read in some older threads that OpenVPN doesn't fully support IPV6, is that still the case for the latest builds?

I'm trying to connect to FrootVPN which uses IPV6 and so far I've been able to get it working on a desktop machine and a router that's running OpenWRT. Both of them I just used the ovpn file from Froot VPN and everything just worked, no problems getting it running.

I have an ASUS RT-N66U that's running 380.59 and when I try to setup the VPN client on it using the same file I just can't get it working. I can get the tunnel started and connected, but it's like nothing is getting routed over the tunnel to the VPN server. I'm wondering if it has to do with FrootVPN wanting to use IPV6.

Thanks
 
I have the same problem
When trying to set a connection with the provided .ovpn file I always get the same error:
openvpn[886]: PUSH: Received control message: 'PUSH_REPLY,ifconfig-ipv6 2a00:1a28:1558:15::1011/64 2a00:1a28:1558:15::1,dhcp-option DNS 46.246.83.225,redirect-gateway def1,redirect-gateway ipv6,redirect-gateway def1,route-ipv6 2000::/3,block-outside-dns,tun-ipv6,route-gateway 46.246.83.225,topology subnet,ping 10,ping-restart 160,ifconfig 46.246.83.243 255.255.255.224'
openvpn[886]: Options error: unknown --redirect-gateway flag: ipv6
openvpn[886]: Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:7: block-outside-dns (2.3.12)
openvpn[886]: OPTIONS IMPORT: timers and/or timeouts modified
openvpn[886]: OPTIONS IMPORT: --ifconfig/up options modified
openvpn[886]: OPTIONS IMPORT: route options modified
openvpn[886]: OPTIONS IMPORT: route-related options modified
openvpn[886]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
openvpn[886]: TUN/TAP device tun11 opened
openvpn[886]: TUN/TAP TX queue length set to 100
openvpn[886]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=1
openvpn[886]: /usr/sbin/ip link set dev tun11 up mtu 1500
openvpn[886]: /usr/sbin/ip addr add dev tun11 46.246.83.243/27 broadcast 46.246.83.255
openvpn[886]: /usr/sbin/ip -6 addr add 2a00:1a28:1558:15::1011/64 dev tun11
openvpn[886]: Linux ip -6 addr add failed: external program exited with error status: 2
openvpn[886]: Exiting due to fatal error

Don't know How to solve it.
Bye.
 
Vitaliy69 said:
Hello!

I have the static native IPv6 network from my ISP. How do I allow clients to work through the IPv6 network?

I added to server user's settings:
proto udp6
server-ipv6 2002:d040:79a1:5::/64
push "route-ipv6 2000::/3"
push "dhcp-option DNS 2001:4860:4860::8888"

Then apply the firewall rules:
ip6tables -A INPUT -i tun21 -j ACCEPT
ip6tables -A FORWARD -i tun21 -j ACCEPT
ip6tables -I INPUT -p tcp --dport 1194 -j ACCEPT
ip6tables -I INPUT -p udp --dport 1194 -j ACCEPT

Add to the client settings tun-ipv6 option. The clients successfully got an IPv6 address, but IPv6 network is unreachable.

What am I doing wrong? Maybe some the firewall issue?

Thanks in advance!
Click to expand...

Hi there -

Use -I instead of -A to place the rules in front instead of at the back - somehow that made a difference some of the other rules in the list must be interfering with it. Worked for me after several hours of fiddling! :)
 
You must log in or register to reply here.

Similar threads

H
Solved Beginners firewall question.
Replies
6
Views
786
Henk-J
H
M
IPv6 and Router Advertisement adding route to delegated /56 via WAN interface
Replies
0
Views
206
MrC99
M
M
Blocking IPv6 clients to stop VPN circumvention
2
Replies
26
Views
2K
jimbobub
J
Tom Jo-Jo Junior Shabadoo
VPN as server - ipv4 over ipv6
Replies
0
Views
499
Tom Jo-Jo Junior Shabadoo
Tom Jo-Jo Junior Shabadoo
G
VPN Client with Public IP, split tunnel web server over VPN and other traffic not on the VPN
Replies
4
Views
401
Grefyne
G
Similar threads
Thread starter Title Forum Replies Date
M OpenVPN / site to site with special security/routing constraints Asuswrt-Merlin 7
R OpenVPN keeps on turning itself off Asuswrt-Merlin 37
M Best router for wireguard or openVPN Asuswrt-Merlin 1
W OpenVPN Server set to LAN only allows browsing Asuswrt-Merlin 14
A Upgraded my ASUS, issues with NordVPN via OpenVPN Asuswrt-Merlin 4
G openvpn server: can not change/select data cipher Asuswrt-Merlin 1
Blankedy AC86U OpenVPN server whilst in AP mode Asuswrt-Merlin 3
M For AX68U and AX86S Merlin users: openvpn server - max user qty? Asuswrt-Merlin 1
L Openvpn internal error add route Asuswrt-Merlin 0
B No internet after turn on OpenVPN client Asuswrt-Merlin 4

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 930 (members: 35, guests: 895)
Top