Todo #1373
closedUpgrade OpenVPN
0%
Description
OpenVPN needs to be upgraded to current code, upgrading to openVPN mainline breaks various OpenVPN servers.
IPv6 support needs to be built into the current openvpn code, what is currently there does not allow for dual stack access.
This post on the HE.net tunnelbroker forum point to a alternate code branch that adds the server-ipv6 config items to allow for dual stack access.
http://www.tunnelbroker.net/forums/index.php?topic=1542.0
http://www.greenie.net/ipv6/openvpn.html
Updated by Seth Mos over 13 years ago
Needs to have this fix to make OpenVPN 2.2-RC2 work.
http://openvpn.git.sourceforge.net/git/gitweb.cgi?p=openvpn/openvpn-testing.git;a=commitdiff;h=272aef2f0fd6b8c81c397fc32a503776e2b4bef1
Add patch from https://github.com/jjo/openvpn-ipv6/downloads for proper IPv6 support.
Updated by Seth Mos over 13 years ago
Added the IPv6 payload patch from Gert Doering for full IPv6 support.
Updated by Seth Mos over 13 years ago
The current openvpn-ipv6 port has both the endpoint and payload patch for IPv6. The current installer we include in the .tgz of the website is 2.1.3 and they just released 2.2.0.
This means we need to import openvpn 2.2.0 and the windows 2.2.0 installer anyhow. Please make sure that the IPv6 patches are included. This makes us the first publicly available IPv6 OpenVPN capable firewall.
The openvpn installer from Gert Doering includes the required IPv6 support. http://www.greenie.net/ipv6/openvpn-2.x-testing-93dc9179e978-install.exe
We also need to fix the client exporter in the sense that it needs to be able to support tun-ipv6 for the clients. 2.2.0 release will ignore that option, the client with support will pick it up.
Updated by Seth Mos over 13 years ago
Change for the netsh interface on windows 7, use set address, instead of add address. Otherwise the command will exit with code 1 if it already exists. (e.g. reconnect).
Updated by Seth Mos over 13 years ago
- Status changed from New to Resolved
This code is already checked in and the client exporter supports the new options as well. Furthermore the client exporter has a testing 2.3 client that supports IPv6 as well. Should just work.