Hi, On Thu, Aug 20, 2015 at 10:09:47PM -0700, joh...@fastmail.com wrote: > I'm trying to get ALL IPv6 traffic from the Client's LAN to go over the > OpenVpn link and out to & in from the net.
Without having read the thread fully, what you need is the same you'd need
for an IPv4 setup:
- route the client LAN on the server side (route-ipv6, iroute-ipv6)
- turn on routing on the client (ipv6forward=1, depending on the
client OS)
- configure the client LAN address on all client LAN interfaces
- set up a default route on the "other boxes" to point to the client LAN
interface
the last two can be automated by running radvd on the client, announcing
an IPv6 default and prefix towards the LAN.
[..]
> local X.X.X.X
> server 10.0.0.0 255.255.255.0
> server-ipv6 2600:####:####:4dff::/64
> push "route 10.128.128.0 255.255.255.0"
> route 10.128.128.0 255.255.255.0
The server config is missing the "route-ipv6 ...:4d09::/64" to make the
/64 go into the tunnel.
> ccd/client.conf
> ifconfig-push 10.0.0.2 255.255.255.0
> ifconfig-ipv6-push 2600:####:####:4dff::2/64
> 2600:####:####:4dff::1
> push "route-ipv6 2000::/3"
> push "redirect-gateway-ipv6 def1"
> iroute 10.128.128.0 255.255.255.0
> ...
This is missing the "iroute-ipv6 ... 4d09::/64" so OpenVPN knows that
this /64 is on the client side.
You have the iroute for IPv4, so adding iroute-ipv6 for IPv6 *should*
be the logical conclusion... :-)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
pgpnh0_ceJpmK.pgp
Description: PGP signature
------------------------------------------------------------------------------
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
