How to connect to the VPN server via IPv6?

[laichiaheng]

Checklist

• [x] I read the README
• [x] I read the FAQ
• [x] I searched the issues
• [x] My issue is about the script, and not OpenVPN itself

Describe the issue If I chage the IP address in ovpn file to IPv6 address, it fails to connect.

To Reproduce Steps to reproduce the behavior:

1. Edit the ovpn file.

Expected behavior It connects to my VPN server.

Logs If applicable, add logs or screenshots to help explain your problem.

If you can reproduce the issue, please run the script in debug mode and post the output: bash -x openvpn-install.sh

Server if applicable):

• OS: Manjaro
• Hosting provider (if applicable): I don't know.

Client (if applicable):

• Device: PC
• OS: Manjaro
• Client: NetworkManager

Additional context Add any other context about the problem here.

[randshell]

If I chage the IP address in ovpn file to IPv6 address, it fails to connect.

You have to edit other things too: set iptables for IPv6, enable IP forwarding for IPv6, change the NIC. I think it would be easier to reinstall with IPv6 support enabled.

[laichiaheng]

If I chage the IP address in ovpn file to IPv6 address, it fails to connect.

You have to edit other things too: set iptables for IPv6, enable IP forwarding for IPv6, change the NIC. I think it would be easier to reinstall with IPv6 support enabled.

Could you teach me how to do that?

[randshell]

• Change the remote IP to the IPv6 one in /etc/openvpn/client-template.txt and update the .ovpn files you already generated.
• Append a 6 to the protocol in /etc/openvpn/server.conf. Example: proto udp6
• Add to /etc/openvpn/server.conf the lines:

  server-ipv6 fd42:42:42:42::/112
  tun-ipv6
  push tun-ipv6
  push "route-ipv6 2000::/3"
  push "redirect-gateway ipv6"

• Add net.ipv6.conf.all.forwarding=1 to /etc/sysctl.d/20-openvpn.conf and run sysctl --system
• Get the IPv6 interface with ip -6 route show default | sed -ne 's/^default .* dev \([^ ]*\) .*$/\1/p'
• Add to /etc/iptables/add-openvpn-rules.sh the lines:

  ip6tables -t nat -I POSTROUTING 1 -s fd42:42:42:42::/112 -o $NIC -j MASQUERADE
  ip6tables -I INPUT 1 -i tun0 -j ACCEPT
  ip6tables -I FORWARD 1 -i $NIC -o tun0 -j ACCEPT
  ip6tables -I FORWARD 1 -i tun0 -o $NIC -j ACCEPT
  ip6tables -I INPUT 1 -i $NIC -p $PROTOCOL --dport $PORT -j ACCEPT

  $NIC is the the IPv6 interface from the step before, $PORT is the port and $PROTOCOL is the one with the 6 appended.

• Add to /etc/iptables/rm-openvpn-rules.sh:

  ip6tables -t nat -D POSTROUTING -s fd42:42:42:42::/112 -o $NIC -j MASQUERADE
  ip6tables -D INPUT -i tun0 -j ACCEPT
  ip6tables -D FORWARD -i $NIC -o tun0 -j ACCEPT
  ip6tables -D FORWARD -i tun0 -o $NIC -j ACCEPT
  ip6tables -D INPUT -i $NIC -p $PROTOCOL --dport $PORT -j ACCEPT

• You may want to add some IPv6 DNS too. Example: push "dhcp-option DNS 2a00:5a60::ad1:0ff"

Restart the OpenVPN service or reboot and let me know if it worked for you.

I'm sorry for my previous answer suggesting a re-installation.

[antnb]

sory if hijack the thread ..i dont want to open new issue as mine morelikely are just feature questions

is it posible to suplied more than 1 port on udp? for example single configuration for port 53 and 9201