• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

VPN with ipv6 and ipv4 addresses?

Started by majestic, December 12, 2010, 04:46:07 PM

Previous topic - Next topic

majestic

Hi there,

I currently run a Linux VPN server using acel-pptp which is a modified version of poptop using a kernel module to boost performance. When a VPN user connects, they will be given a private IP (172.20.0.48/28 or 172.20.2.64/28 depending on if they are allowed internet access via the vpn server or not).

I am now fully ipv6 enabled on my whole network thanks to HE and also Sarge certifed, however what I would now like to do is also give/allocate an ipv6 address to each VPN user as they connect as well as still keep the ipv4 private block. This would then allow users to access all ipv6 and ipv4 sites. 

However, I cant seem to work out how to accomplish this. So my question is, has anyone had any experience with poptop using ipv6 and ipv4 addresses for clients? And if so do you have any pointers or tips/advise so I can make this happen.

I have done quite a bit of research already and from what I understand pppd needs to be adjusted. I have looked at how but, cant seem to make it work. I just seem to break the whole VPN when I do.

All other services such as dns/mail/web/ftp etc are now running ipv6, its just PPTP/PPPD needs to be configured and that should be the last main daemon to be IPv6 ready.

Any help would be extremely grateful,

Kind Regards,

Majestic

antillie

#1
While I have not played with poptop I have done what you are describing with Cisco's AnyConnect SSL VPN client and an ASA firewall.

I just sliced another /64 off of the /48 HE gave me and set it up as an address pool for VPN clients in addition to the existing IPv4 address pool. It works great and even gives connected clients access to the IPv6 internet via the tunnel. (Now if only Cisco would add IPv6 support to their IPSec VPN client.)

So what you are describing is certainly possible I just have no idea if poptop has the feature set to do it. I suspect that they simply haven't written the code to enable this sort of thing in poptop yet. But I could be wrong.

jimb

Not sure if PPTP supports IPv6 as a payload or not, but it should since it's basically GRE.  Not sure if it can use IPv6 as a transport either.

I think the newest version of OpenVPN has IPv6 support, however.