Text only | Text with Images

OPNsense Forum

Archive => 22.1 Legacy Series => Topic started by: 8191 on January 30, 2022, 05:40:07 PM

Title: Dual-stack IPsec route-based tunnel
Post by: 8191 on January 30, 2022, 05:40:07 PM
Hi,
anyone already accomplished a dual-stack IPv4 and IPv6 route-based IPsec tunnel? I want to use IPv4 and IPv6 (in Phase 2) in a single tunnel, is this possible?
Whenever I add the IPv6 Phase 2 the tunnel removes the IPv4 network endpoints:

Before (IPv4 only):
Code Select

ipsec2000: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1400
        tunnel inet 80.123.123.49 --> 51.21.21.19
        inet6 fe80::222:68ff:fe12:b78b%ipsec2000 prefixlen 64 scopeid 0x9
        inet 172.16.0.4 --> 172.16.0.8 netmask 0xffffffff
        groups: ipsec
        reqid: 2000
        nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>


After (IPv4 and IPv6 added on P2):
Code Select

ipsec4: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1400
        tunnel inet 80.123.123.49 --> 51.21.21.19
        inet6 fe80::222:68ff:fe12:b78b%ipsec4 prefixlen 64 scopeid 0x9
        inet6 fdfa:8191:4040:2000::4 --> fdfa:8191:4040:2000::8 prefixlen 128
        groups: ipsec
        reqid: 4
        nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>


Any ideas?
Text only | Text with Images