Hello list, I might have a partial clue to my issues getting IPsec (phase1 IPv4 + 2 phase2 IPv4 and IPv6) to work correctly regarding IPv6. To synthesize the issue, I have the IPv4 tunnels on easily. The IPv6 tunnel shows up, but no traffic flows the tunnel.
Since then, I have had the opportunity to redo that setup between two other site, and there it works. The difference? The tunnel that works doesn't use NPt. The tunnel that I can't get IPv6 flowing through have NPt on both ends. Would there be a known impossibility here? This works: IPv4 Phase1 between to end-points (both are 2.3-REL), with two phase2 (one IPv4 tunnel between 10.49.0.0/16 and 10.32.0.0/16 and one IPv6 tunnel between a.b.c.d:://64 and a.b.c.e::/64 which are the subnets configured on LANs - no NPt here in the game). This does not work : IPv4 Phase1 between to other end-points (one is 2.3-REL, on is 2.2.2-REL), with two phase2 (one IPv4 tunnel between 10.0.0.0/16 and 10.1.1.0/24 and one IPv6 tunnel between fd00:://64 and fd01::/64 which are the subnets configured on LANs - NPt is used on these systems). Any idea or explanation? I fear NPt gets in the way of the decision routing before entering the tunnel. Could this be worked around? -- Meilleures salutations, Met vriendelijke groeten, Best Regards, Olivier Mascia, integral.be/om _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
