[strongSwan] IPv6 dynamic prefix usage
Noel Kuntze
noel.kuntze+strongswan-users-ml at thermi.consulting
Wed Jan 8 21:10:12 CET 2020
Hello Dries,
Script it with Python and VICI then. It's there for a reason. ;)
Kind regards
Noel
Am 07.01.20 um 21:56 schrieb driesm.michiels at gmail.com:
> Hi!
>
>
>
> I’m a user of strongSwan on FreeBSD and all works fine for IPv4.
>
> I’m currently trying to figure out what the best way is to get IPv6 native VPN clients that can reach the internet.
>
>
>
> 1. *Preferably*: assign a global prefix to the clients in some way, the problem is that it’s a dynamic prefix that was once allocated to me through DHCPv65
>
> I can put it on a interface on my machine or even extract it from the lease file, but hard coding it as a virtual IP pool is a no go as it can change each restart.
>
> 2. Virtual IP’s with ULA addresses that are NAT-ed to reach the internet with a NAT rule that can handle a dynamic prefix
>
>
>
> Is there a way to get the preferable way working ^^? Are there any plans to the source code that could facilitate IPv6 prefix handling?
>
> The beauty of IPv6 is to give a global address to every client on it ^^, which I currently don’t see an easy way to do (because of the dynamic nature of it).
>
>
>
> Thanks in advance
>
>
>
> Dries
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20200108/6b70f1e4/attachment.sig>
More information about the Users
mailing list