[strongSwan] IPv6 Remote Access
dusan at comhem.se
Fri May 26 16:52:52 CEST 2017
My ISP have just recently enabled IPv6 in their network (well, 6RD
aactually) and I have it confiogured and working at the site.
I would now also like to enable it on my remote access VPN in Strongswan
too, so I made a try with the following config however it doesnt seem
work. According to Strongswan log the client asks for ipv6 (Android in
this case) and get's assigned one (global from my public prefix).
leftsubnet=0.0.0.0/0,2000::/3 (also tried with ::/0)
This is a test, so that's why Im only assigning one single IPv6 adress
for the time being. IPv4 works as expected, but I can't neither reach an
IPv6 internet site nor ping the gateway or the Android client from the
gateway/clients behind the gateway.
What I'm reacting on is that a route gets created for the IPv4 adress in
my routing table, but none for the IPv6 adress. Also checked with "ip -6
Is this a routing problem possibly, or maybe an firewall (iptables) problem?
Just to be clear, the client is connecting to the Strongswan server with
IPv4, should receive an IPv6 global adress inside the tunnel and then my
Strongswan server should route it out on the internet (through the
More information about the Users