[strongSwan] IPv6 in IPv4 without having any native IPv6 connectivity, policy based VPN

Noel Kuntze noel.kuntze+strongswan-users-ml at thermi.consulting
Wed Jan 22 20:26:15 CET 2020

Hello list,

I ran into the issue that I can't connect over IPv6 over my 6in4 tunnel using IPsec as a policy based VPN,
because there's no next hop and hence no valid route for the IPv6 traffic.
Is there any workaround or hack to this issue, other than using a route based VPN?

Error message when pinging is: ping: sendmsg: Invalid argument
Ping natively tries IPv6 first, if there's an IPv6 address and a AAAA record, it seems, although there's no route.

Kind regards


Noel Kuntze
IT security consultant

GPG Key ID: 0x0739AD6C
Fingerprint: 3524 93BE B5F7 8E63 1372 AF2D F54E E40B 0739 AD6C

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20200122/fcaa7d87/attachment.sig>

More information about the Users mailing list