Unable to connect to openvpn over IPV6

[do02fw]

IMPORTANT NOTE Bugs about OpenVPN Access Server, OpenVPN Connect or any other product by OpenVPN Inc. should be directly reported to OpenVPN Inc. at https://support.openvpn.net

Describe the bug A clear and concise description of what the bug is. Unable to connect to openvpn over IPV6

To Reproduce Steps to reproduce the behavior. Please make sure to not post any secrets like keys and passwords.

I changed server.conf to UDP6 and the IP in client.vpn is an IPV6 address, and my connection using the openvpn client shows infinite wait. This is my config file, client dev tun proto udp remote 2406:da18:xxxxx 443 resolv-retry infinite nobind persist-key persist-tun mtu-disc yes remote-cert-tls server auth SHA512 ignore-unknown-option block-outside-dns SHA512 ignore-unknown-option

Expected behavior A clear and concise description of what you expected to happen.

Connecting to an IPV6 openvpn server

Version information (please complete the following information):

• OS: [e.g. Ubuntu 22.04]
• OpenVPN version: [e.g. 2.5.8]
• Repeat for peer if relevant Debian12.5 Additional context Add any other context about the problem here.

[ordex]

This is likely a problem with your network or network configuration. Does the server show any connection attempt? If not, it means your client is not able to reach your server using IPv6.

[cron2]

Well, there's a number of aspects here.

First, test that your client machine has working IPv6 support. On a normal PC, run ping6 target-ipv6-address. The screenshot above seems to be from a mobile device using Connect, so you can try going to http://v6.de to see if the v6 iframe works (post screenshot).

If there is no working v6 connectivity, VPN cannot work.

Even if you can ping6, there might still be a firewall on the server side, or on the router in front of the server, that will not permit OpenVPN packets.

Unfortunately, we can not help you with either of these questions - but we can assure you, OpenVPN works, in all versions (your issue is missing to specify what exactly you are using...), using IPv6 transport.

[do02fw]

Can you provide the documentation of the IPv6 connection, my network has an IPv6 address, and the server also has it, but it just can't be connected, I don't know where the problem is, and my port is also open.

[cron2]

This issue tracker is for bugs in the software (and in particular not for OpenVPN Connect).

For general network questions, your local network admin is the right person to talk to.

[do02fw]

My server has an IPv6 address, the ping www.google.com returns IPv6, my client also has it, and my server sysctl also has IPv6 forwarding, including iptabl also enabled IPv6 forwarding, but I just can't connect, I use Amazon's server.

[do02fw]

I'm using openvpn installed with this script. https://github.com/Nyr/openvpn-install

[cron2]

I'm using openvpn installed with this script. https://github.com/Nyr/openvpn-install

My crystal ball is not working very well, and this is not an installer made by us. So maybe talk to them?

I guess that on AWS you need to enable the ports used by OpenVPN in your AWS firewall settings - but maybe the installer does this automatically, I don't know.

[do02fw]

I connect to the server's IPv4 can be connected successfully, and after the connection, it will have both IPv4 + IPv6 network, but if I connect to the server's IPv6 will be unresponsive, I looked at the configuration method on the official website, and I didn't find any errors, https://openvpn.net/community-resources/reference-manual-for-openvpn-2-6/#encryption-options, my firewall is open.

[cron2]

This issue is outside OpenVPN, and also totally outside the scope of this issue tracker, which is about bugs in OpenVPN, not about user support.

Regarding firewall: AWS has separate firewalls for IPv4 and IPv6, so you need to open both. Then you should see packets arrive on the OpenVPN process (if that one is running dual-stack -> set proto udp6 on the server, if running on Linux!).