I have a Ubiquiti EdgeRouter X that works perfectly with both IPv4 and IPv6 from my ISP. Recently I’ve installed an OpenVPN client and I currently have IPv4 traffic going over the VPN.

I’m still wanting to support IPv6 but in a way that allows it to travel over the VPN. The VPN itself only supports connecting via IPv4 but does support IPv6 through the tunnel.

How can I configure the EdgeRouter X to do this?

For what it’s worth, here’s what I used to get IPv4 working:

set interfaces openvpn vtun0 config-file /config/auth/vpn-client.ovpn
set interfaces openvpn vtun0 description 'OpenVPN Client'
set service nat rule 5000 description 'OpenVPN Access'
set service nat rule 5000 log disable
set service nat rule 5000 outbound-interface vtun0
set service nat rule 5000 source address 192.168.143.0/24
set service nat rule 5000 type masquerade
set protocols static table 1 interface-route 0.0.0.0/0 next-hop-interface vtun0
set firewall modify openvpn_route rule 10 description 'OpenVPN'
set firewall modify openvpn_route rule 10 source address 192.168.143.0/24
set firewall modify openvpn_route rule 10 modify table 1
set interfaces switch switch0 firewall in modify openvpn_route
  • railsdev@programming.devOPEnglish
    1·
    1 year ago

    I’m not sure which this falls into: instead of LAN clients receiving the IPv6 router advertisement and addresses from the ISP, I’d rather they receive them from inside the VPN tunnel itself.

    Sadly the VPN server doesn’t have an IPv6 address to connect to but it does support IPv6 going through the tunnel.

    Basically I’m connecting to the VPN server via IPv4 but want to route IPv6 through the tunnel.

    • notfromhere@lemmy.oneEnglish
      2·
      1 year ago
      1. Configure your router to request two IPv6 subnets from ISP.
      2. Set one subnet for local use, set second subnet for serving to inside VPN tunnel clients
      3. Configure VPN listening protocol to proto udp to listen on IPv4 and server-ipv6 to assign IPv6 to inside tunnel IPs.

      Never done that before but should be possible.

      • railsdev@programming.devOPEnglish
        1·
        1 year ago

        So after working on this for hours and even using ChatGPT to help me out I realized the VPN provider only supports IPv6 over WireGuard.