Bug #9212
closed
OpenVPN Client can't connect over IPv6 in "multihome"
Added by benoit moreau almost 6 years ago.
Updated about 5 years ago.
Description
When the protocol option is set to "UDP IPv4 and IPv6 on all interfaces (multihome)", the OpenVPN Client will fail to connect over IPv6 and will return to IPv4 to work after about 1 minute.
In the log I have:
write UDP: Can't assign requested address (code=49)
It works over IPv6 when I set the protocol option to "UDP over IPv6 only".
- Status changed from New to Incomplete
The description is a bit vague:
- Is pfSense the server in this scenario, or the client?
- If the client is not pfSense, is this error observed in the client or server logs?
In other words: Is the server set to multihome and a remote client fails to connect, or is pfSense acting as a client set to multihome connecting to a remote server?
Also, does the device encountering the error have a usable (GUA, not link-local) IPv6 address?
Oh, I totally forgot about this problem.
I finally found the solution and I think the problem comes from OpenVPN and not from pfSense.
This is not easy to explain, so when the client connects to the VPN, OpenVPN uses the IPv6 address of the incoming interface to bind the connection and fails when the incoming interface has no public IPv6 (link-local).
You can see my configuration in the image.
And the workaround is just to add a public IPv6 as "virtual IP" on the WAN interface and change the DNS entry.
- Status changed from Incomplete to Not a Bug
OK, that does sound more like an OpenVPN or config issue.
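A pre-flight check for the condition discussed in this thread (an interface whose only IPv6 address is link-local), as an added example that is not part of the original ticket. The function names and the sample `ifconfig` output are constructed for illustration, and "GUA" is taken to mean an address inside 2000::/3.

```python
import ipaddress
import re

# Global unicast range per RFC 4291 (assumption used here to define "GUA").
GUA_NET = ipaddress.ip_network("2000::/3")

# Constructed sample in FreeBSD ifconfig format; 2001:db8::/32 (the
# documentation prefix) stands in for a real public address.
SAMPLE_IFCONFIG = """\
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
\tinet 203.0.113.10 netmask 0xffffff00 broadcast 203.0.113.255
\tinet6 fe80::1%em0 prefixlen 64 scopeid 0x1
em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
\tinet6 fe80::2%em1 prefixlen 64 scopeid 0x2
\tinet6 2001:db8:1::1 prefixlen 64
"""


def ipv6_by_interface(ifconfig_text):
    """Map each interface name to the list of IPv6 addresses it carries."""
    result = {}
    current = None
    for line in ifconfig_text.splitlines():
        header = re.match(r"^(\S+): flags=", line)
        if header:
            current = header.group(1)
            result[current] = []
            continue
        inet6 = re.match(r"^\s+inet6 (\S+)", line)
        if inet6 and current is not None:
            # Drop the zone id ("%em0") that link-local addresses carry.
            addr = inet6.group(1).split("%")[0]
            result[current].append(ipaddress.IPv6Address(addr))
    return result


def interfaces_without_gua(ifconfig_text):
    """Return interfaces that have no global unicast IPv6 address."""
    return sorted(
        name
        for name, addrs in ipv6_by_interface(ifconfig_text).items()
        if not any(a in GUA_NET for a in addrs)
    )


if __name__ == "__main__":
    for name in interfaces_without_gua(SAMPLE_IFCONFIG):
        print(f"{name}: no global IPv6 address (link-local only or none)")
```
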