> Le 1 mai 2016 à 10:35, Olivier Mascia <[email protected]> a écrit :
>
>> That page is a little out of date in one respect: You can't mix traffic
>> with IPsec using IKEv1, but you can with IKEv2. So long as both sides
>> support IKEv2 you can carry IPv6 and IPv4 in P2 entries.
>>
>> FWIW, You can also tunnel both at once using OpenVPN.
>
I'm busy testing that but my IPv6 traffic doesn't cross the tunnel.
On Status / IPsec I'm seeing this, having defined two phase2 (one tunnel IPv4
and one tunnel IPv6):
10.0.0.0/16 Local: cb9f5c9f 10.1.1.0/24 Rekey: 694 seconds
(00:11:34) AES_GCM_16 Bytes-In: 5,376 (5 KiB)
fd00::/64 Remote: cd70616c fd01::/64 Life: 1495 seconds
(00:24:55) Packets-In: 64
Install: 2106 seconds
(00:35:06)IPComp: none Bytes-Out: 13,768 (13 KiB)
Packets-Out: 105
As far as *I* can tell, it looks fine.
The remote and local subnets are fine (match my LAN subnets). Of course I have
checked that I see the same thing reversed on the other end. On firewall rules,
IPSEC interface, I currently have two pass-through rules, one for IPv4 and one
for IPv6.
The other rules needed are supposedly added by pfSense (without displaying
them) as System / Advanced / Firewall - Disabled auto-added VPN rules is NOT
checked.
But are those auto-added suitable for passing both IPv4 and IPv6 inside the
tunnel?
Phase1 is setup using IPv4 / IKEv2.
One Phase2 is tunnel IPv4 and the other is tunnel IPv6.
One end is 2.3-REL, the other one is 2.2.2-REL (which I cannot upgrade for the
time being).
Would someone have an idea, based on their own experience with IPsec and both
IPv4+IPv6, of what wrong in my setup to look for?
So much thanks for the help,
--
Meilleures salutations, Met vriendelijke groeten, Best Regards,
Olivier Mascia, integral.be/om
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
