I live in a remote area where the ISP doesn't give me an IPv6 address that I
need for getting to work stuff. So I've been working on a tunnel that'll get
me out to where there's IPv6.

A friend got me set up with an OpenVPN connection to his remote server. It's
an IPv4 tun-type tunnel that also allows IPv6 inside the tunnel.
Since he's got IPv6 access from his server I figured I should be able to get it
too via the tunnel.

So I set this up:

his REMOTE-SERVER
    eth0  X.X.X.X
          2600:####:####:4d00::1/64
    vpn0  10.0.0.1/24
          2600:####:####:4dff::1/64

my LOCAL-ROUTER
    eth0  Y.Y.Y.Y
    vpn0  10.0.0.2/24
          2600:####:####:4dff::2/64
    eth1  10.128.128.1/24
          2600:####:####:4d09::1/64

my LAN-PC
    eth1  10.128.128.20/24
          2600:####:####:4d09::2/64

He has a Shorewall firewall on his server so I set one up on mine too.
After a bunch of trial & error and doc-reading about Shorewall, even though it
was a bit complicated to understand it all, I managed to get some IPv6 access,
but only so far :-/

From a console on LOCAL-ROUTER I can ping6 & traceroute6 anywhere to the net
via IPv6. I can see the traffic in both Shorewall logs. Seems to work fine.

From a console on LAN-PC I can ping6 to this side of the OpenVPN tunnel
LOCAL-ROUTER:vpn0:[2600:####:####:4d09::2].
But NOT to the other side REMOTE-SERVER:vpn0:[2600:####:####:4d09::1]. Just no
response.

So I turned on some accept-all test rules in the firewalls on both VPN ends,
but when I ping from LAN-PC to REMOTE-SERVER I don't see any traffic in either
log!

I know I'm getting from the PC to the LOCAL-ROUTER because of the ping. But I
can't get past it. So I'm probably missing something important.

What do I need to turn on in Shorewall to get this traffic through the OpenVPN
connection?

- John