M. Schmidt

Asked: 2015-11-19 20:48:02 +0800 CST2015-11-19 20:48:02 +0800 CST 2015-11-19 20:48:02 +0800 CST

Routing IPv6-traffic from client via OpenVPN-server

For playing and learning purpose i set up an OpenVPN-server. Im currently attached to a network without IPv6. Because of that, I would like to route all IPv6-traffic via the VPN. With IPv4 and iptables-Masquerading this already works perfectly well.

Now to IPv6: I set up IPv6 inside the network. Im able to establish connections and pings (ping6) between the client and the server inside the network.

The forwarding of the kernel of the server is activated. The server has IPv6 connectivity to the outside.

I tried this setting:

push "route-ipv6 2000::/3"

and

push "route-ipv6 <my IPv6>"

If I want to ping some address on the "outside":

ping6 ipv6.google.com
connect: Network is unreachable

Even, if I set the correct interface with "-I tun2". (Just to make sure its not trying to use some other interface)

Now my configs and settings:

IP of the client:

inet6 addr: fdee:dead:b0b::1000/64

IP of the server:

inet6 addr: fdee:dead:b0b::1/64

The servers config:

port 443
proto udp
proto udp6
dev tun
tun-ipv6
ca ca.crt
cert server.crt
key server.key
dh dh4096.pem
auth SHA512
server 10.0.0.0 255.255.255.0
server-ipv6 fdee:dead:b0b::/64
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 10.0.0.1"
client-to-client
keepalive 10 60
tls-auth ta.key 0
cipher AES-256-CBC
comp-lzo
max-clients 3
user nobody
group nogroup
persist-key
persist-tun
log-append  openvpn.log
verb 4
nice -19

Thats my kernel settings regarding the forwarding:

net.ipv4.conf.all.forwarding = 1
net.ipv4.conf.all.mc_forwarding = 0
net.ipv4.conf.default.forwarding = 1
net.ipv4.conf.default.mc_forwarding = 0
net.ipv4.conf.lo.forwarding = 1
net.ipv4.conf.lo.mc_forwarding = 0
net.ipv4.conf.venet0.forwarding = 1
net.ipv4.conf.venet0.mc_forwarding = 0
net.ipv4.conf.tun0.forwarding = 1
net.ipv4.conf.tun0.mc_forwarding = 0
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.all.mc_forwarding = 0
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.default.mc_forwarding = 0
net.ipv6.conf.lo.forwarding = 1
net.ipv6.conf.lo.mc_forwarding = 0
net.ipv6.conf.venet0.forwarding = 1
net.ipv6.conf.venet0.mc_forwarding = 0
net.ipv6.conf.tun0.forwarding = 1
net.ipv6.conf.tun0.mc_forwarding = 0

I would really appreciate if someone could lead me in the right direction.

Routing IPv6-traffic from client via OpenVPN-server

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

Routing IPv6-traffic from client via OpenVPN-server

0 Answers