Hello Experts,
Now my <dns1> and <mail> are working fine with IPv6, and I am going on to
set up a VPN tunnel to my subnets.
What I have:
1) A server @Hetzner/Nuernberg
FQDN: mail.tamay-dogan.net
IPv4: 78.47.247.21
IPv6: 2a01:dead:beef:1300:0:0:0:2 (gw: 2a01:dead:beef:1300:0:0:0:1)
TBytes of traffic I never use!
--[ '/etc/openvpn/vpn_gateway.conf' ]-------------------------------
tls-server
port 1194
proto tcp-server
dev tun
tun-ipv6
ca /etc/openvpn/cacert.pem
cert /etc/openvpn/vpn_gateway.pem
key /etc/openvpn/vpn_gateway.key
dh /etc/openvpn/dh1024.pem
keepalive 10 120
persist-key
persist-tun
status /var/log/openvpn-status.log
#up /etc/openvpn/client_up.sh
#down /etc/openvpn/client_down.sh
--------------------------------------------------------------------
2) @office an ADSL2+ connectivity 16/1.6 MBit.
FQDN: gateway.intranet1.tamay-dogan.net
IPv4 ext: 85.182.220.41
IPv4 int: 192.168.0.2
ALL ports forwarded to
FQDN: router.intranet1.tamay-dogan.net
IPv4: 192.168.0.1
3) @office my router
FQDN: router.intranet1.tamay-dogan.net
IPv4 eth0: 192.168.0.1
IPv4 eth1: 192.168.1.1
IPv6 eth1: 2a01:dead:beef:1300:0:0:1:1
--[ '/etc/openvpn/vpn_intranet1.conf' ]-----------------------------
tls-client
remote mail.tamay-dogan.net
proto tcp-client
dev tun
tun-ipv6
ca /etc/openvpn/cacert.pem
cert /etc/openvpn/vpn_intranet1.pem
key /etc/openvpn/vpn_intranet1.key
status /var/log/openvpn-status.log
ping 30
#up /etc/openvpn/client_up.sh
#down /etc/openvpn/client_down.sh
--------------------------------------------------------------------
4) My subnet <intranet1.tamay-dogan.net> is configured to use
IPv4: 192.168.1.0-255/24
IPv6: 2a01:dead:beef:1300:0:0:1:0 to 2a01:dead:beef:1300:0:0:1:ffff
(65536 IPs)
5) OpenVPN connectivity between 1) and 3) is established and working
What I want:
Create an IPv6 tunnel between 1) and 3)
I have found this HOWTO:
<http://simmscmi.blogspot.de/2009/11/how-to-setup-ipv6-capable-openvpn.html>
and up to the moment when I start the VPN, all is working fine, that is, I see
the connection starting properly...
I have problems with:
1) On the server:
--[ '/etc/openvpn/vpn_gateway.sh' ]---------------------------------
#!/bin/bash
openvpn --script-security 2 \
--config /etc/openvpn/vpn_gateway.conf
ifconfig tun0 up 192.168.255.1 dstaddr 192.168.255.2
ip -6 addr add 2a01:dead:beef:1300:0:0:1:1/112 dev tun0
ip -6 route add 2a01:dead:beef:1300:0:0:0:2/64 dev tun0
--------------------------------------------------------------------
2) On the router:
--[ '/etc/openvpn/vpn_intranet1.sh' ]-------------------------------
#!/bin/bash
openvpn --script-security 2 \
--config /etc/openvpn/vpn_intranet1.conf
ifconfig tun0 up 192.168.255.2 dstaddr 192.168.255.1
ip -6 addr add 2a01:dead:beef:1300:0:0:1:1/112 dev tun0
ip -6 route add 2a01:dead:beef:1300:0:0:0:2/64 dev tun0
ip -6 route add default via 2a01:dead:beef:1300:0:0:0:1
--------------------------------------------------------------------
Any help welcome.
Note: In the above link, the author "simmscmi" wrote that this config
allows only one connection, but I need to connect several subnets
to the <mail> server, meaning:
intranet1 use 2a01:dead:beef:1300:0:0:1:nnnn
intranet2 use 2a01:dead:beef:1300:0:0:2:nnnn
pmcos use 2a01:dead:beef:1300:0:0:3:nnnn
private use 2a01:dead:beef:1300:0:0:4:nnnn
tdcloud use 2a01:dead:beef:1300:0:0:5:nnnn
and so on...
Thanks, Greetings and nice Day/Evening
Michelle Konzack
--
##################### Debian GNU/Linux Consultant ######################
Development of Intranet and Embedded Systems with Debian GNU/Linux
Internet Service Provider, Cloud Computing
<http://www.itsystems.tamay-dogan.net/>
<http://www.debian.tamay-dogan.net/>
itsystems@tdnet Jabber linux4michelle@jabber.ccc.de
Owner Michelle Konzack
Gewerbe Strasse 3 Tel office: +49-176-86004575
77694 Kehl Tel mobil: +49-177-9351947
Germany Tel mobil: +33-6-61925193 (France)
USt-ID: DE 278 049 239
Linux-User #280138 with the Linux Counter, http://counter.li.org/
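
Added example (not part of the original post): a Python check of the addresses and routes in the two scripts above against the per-site plan from the note, assuming each site is the /112 implied by the stated 65536 IPs. The interface label "public" and all function names are illustrative.

```python
import ipaddress
from collections import defaultdict

# Plan from the note in the post: site N owns 2a01:dead:beef:1300:0:0:N:nnnn,
# which is one /112 (65536 addresses) per site.
SITES = {"intranet1": 1, "intranet2": 2, "pmcos": 3, "private": 4, "tdcloud": 5}
GATEWAY = ipaddress.ip_address("2a01:dead:beef:1300:0:0:0:1")  # "gw" in item 1)

# Values copied from the post. "public" is a placeholder interface name:
# the post does not say which server interface holds the address.
ASSIGNED = [
    ("server", "public", "2a01:dead:beef:1300:0:0:0:2"),
    ("server", "tun0", "2a01:dead:beef:1300:0:0:1:1/112"),
    ("router", "eth1", "2a01:dead:beef:1300:0:0:1:1"),
    ("router", "tun0", "2a01:dead:beef:1300:0:0:1:1/112"),
]
ROUTES = [("server", "2a01:dead:beef:1300:0:0:0:2/64"),
          ("router", "2a01:dead:beef:1300:0:0:0:2/64")]

def site_prefixes():
    """Return {site name: /112 network} for the plan in the post."""
    return {name: ipaddress.ip_network(f"2a01:dead:beef:1300:0:0:{n:x}:0/112")
            for name, n in SITES.items()}

def owning_site(addr):
    """Name of the site whose /112 contains addr, or None."""
    ip = ipaddress.ip_interface(addr).ip
    return next((s for s, net in site_prefixes().items() if ip in net), None)

def duplicate_addresses(assigned=ASSIGNED):
    """Addresses configured on more than one (host, interface) pair."""
    seen = defaultdict(list)
    for host, iface, value in assigned:
        seen[str(ipaddress.ip_interface(value).ip)].append((host, iface))
    return {ip: where for ip, where in seen.items() if len(where) > 1}

def route_findings(routes=ROUTES):
    """Per route: (host, canonical prefix, host bits set?, covers gateway?)."""
    out = []
    for host, dest in routes:
        net = ipaddress.ip_network(dest, strict=False)
        host_bits = ipaddress.ip_interface(dest).ip != net.network_address
        out.append((host, str(net), host_bits, GATEWAY in net))
    return out

if __name__ == "__main__":
    print(duplicate_addresses())
    for finding in route_findings():
        print(finding)
```

With the values from the post it reports the same address on the server's tun0, the router's eth1 and the router's tun0, and a /64 destination on tun0 that has host bits set and also contains the gateway address.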