firstly I want to thank everyone involved for providing this great software and the support.
I would like to use IPv6 tunnel with OpenVPN to my server, which has native IPv6 connectivity.
I'm using this setup on my PC without any issues so I know my openvpn configuration on the server is working (but maybe there are some additional push rules necessary to solve the issue I have). You can find the config below.
However, I would like to use this setup on my WNR3500Lv2, so I can use ra to provide this IPv6 connection to all clients in my home network and don't have to open a tunnel from each device on its own.
On my WNR300Lv2 I've installed the latest tomatoUSB build 110 by shibby (this one has OpenVPN 2.3.2). On my server OpenVPN 2.3.2 is running.
I've activated IPv6 in the "Basic" menu and choose "manual" in order to activate IPv6 for the router's devices.
The weird issue I have is this:
When I configure my OpenVPN server to provide only an IPv4 tunnel, everything works fine on the router. It establishes a connection and I can ping the server from the client (my router) and vice versa.
When I then add the rule to provide IPv6 as well (by adding "server-ipv6 <my-IPv6-subnet>") a connection is established and the tun device gets an IPv6 address assigned by the server as well as the IPv4 address. But unfortunately I can not ping anything then. Neither IPv4 nor IPv6 address of the server or client.
However, when I ping the IPv4 address of the OpenVPN server from the client, I see the following log entries in the openvpn-server.log:
IP packet with unknown IP version=0 seen
Since it is working on my PC, I guess it is an issue with my client setup on the router. I would be glad, if someone could give me a hint, on what I'm missing here. Is there any additional option I need to use in order to get this dual stack tunnel working on my router?
Thanks in advance, aibo
My OpenVPN server config:
local <my-servers-IP> port 61194 proto udp dev tun ca /etc/openvpn/ca.crt cert /etc/openvpn/server.crt key /etc/openvpn/server.key # This file should be kept secret dh /etc/openvpn/dh2048.pem server 10.8.2.0 255.255.255.0 server-ipv6 2001:db8:81:23::/64 push "route-ipv6 ::/0" ifconfig-pool-persist ipp.txt keepalive 10 120 tls-auth /etc/openvpn/server/ta.key 0 # This file is secret comp-lzo persist-key persist-tun status openvpn-status.log log-append /var/log/openvpn-server.log verb 3
OpenVPN client config on the router:
daemon client dev tun11 proto udp remote <my-servers-IP> 61194 resolv-retry 30 nobind persist-key persist-tun comp-lzo adaptive verb 3 tls-auth static.key 1 ca ca.crt cert client.crt key client.key status-version 2 status status