Feature #6483
closed
Add OpenVPN redirect-gateway option for IPv6
0%
Description
When the OpenVPN Redirect Gateway (Force all client generated traffic through the tunnel) option is checked for an OpenVPN server and a client connects from a network with both IPv4 and IPv6 support, the IPv6 traffic not destined for the LAN network bypasses the OpenVPN tunnel.
Updated by Steve Matos over 8 years ago
If I add something like push "route-ipv6 2000::/3"; to my custom options it will get IPv6 to work though the tunnel, but that's kind of a hack. I'm guessing the default IPv6 gateway doesn't get pushed out upon connection.
(Note: Can someone with access please correct my spelling errors in the title?)
Updated by Chris Buechler over 8 years ago
- Tracker changed from Bug to Feature
- Subject changed from OpenVPN Redirect Gateway Doen't work for IPv6 Traffice to Add OpenVPN redirect-gateway option for IPv6
- Category set to OpenVPN
the existing option only adds the redirect-gateway def1, for IPv6 OpenVPN needs redirect-gateway-ipv6. That ought to be a separate checkbox as people might want one and not the other, and that way the behavior isn't changed for existing systems.
You can just add a 'push "redirect-gateway-ipv6 def1"' to the server's advanced options to accomplish that.
Updated by Chris Buechler over 8 years ago
also should fix the show/hide of "remote networks" fields accordingly while doing this, so only v4 shows/hides with the v4 redirect-gateway checkbox, only v6 with the v6 equivalent.
Updated by Greg M over 8 years ago
Chris Buechler wrote:
You can just add a 'push "redirect-gateway-ipv6 def1"' to the server's advanced options to accomplish that.
Not true.
This is NOT working, you have to add push "route-ipv6 2000::/3"; to get it working.
Updated by Chris Buechler over 8 years ago
Greg M wrote:
Not true.
This is NOT working, you have to add push "route-ipv6 2000::/3"; to get it working.
then that option is broken in OpenVPN itself in your case, and you should report it there.
Updated by Jim Pingle about 7 years ago
- Status changed from New to Duplicate
OpenVPN has a native flag for this now, closing in favor of #8082 since the info here is outdated and that one is current.