Text only | Text with Images

OPNsense Forum

English Forums => Virtual private networks => Topic started by: stanthewizzard on November 19, 2024, 03:00:59 PM

Title: Wireguard is ok with ipv4 but not with ipv6
Post by: stanthewizzard on November 19, 2024, 03:00:59 PM
Hello

I have a functionnal wireguard setting. I can ping everything over ipv4 (LAN or WAN)
But no access to ipv6 ping.

on server peers allowed IP: 0.0.0.0./0,::/64
on client : ::/0

Thanks for help
Title: Re: Wireguard is ok with ipv4 but not with ipv6
Post by: tiermutter on November 20, 2024, 08:09:48 AM
Quote from: stanthewizzard on November 19, 2024, 03:00:59 PM
on server peers allowed IP: 0.0.0.0./0,::/64

'Allowed IPs' on server peers means 'IP assigned to client', you cannot use ::/64 for this!
You need to add an IP from tunnel range.

e.g. from my config:
Tunnel address [server instance] = fd00:13:18::1/64
Allowed IPs [server peer] = fd00:13:18::2/128

Address [client interface] = fd00:13:18::2/128
Allowed IPs [client interface] = ::/0 (for Windows I use ::/1, 8000::/1)

Title: Re: Wireguard is ok with ipv4 but not with ipv6
Post by: tiermutter on November 20, 2024, 08:11:16 AM
Having a static prefix, you may want to use a deligated prefix (GUA) instead of ULA.
Title: Re: Wireguard is ok with ipv4 but not with ipv6
Post by: Pocket_Sevens on November 20, 2024, 08:52:02 PM
Quote from: stanthewizzard on November 19, 2024, 03:00:59 PM
Hello

I have a functionnal wireguard setting. I can ping everything over ipv4 (LAN or WAN)
But no access to ipv6 ping.

on server peers allowed IP: 0.0.0.0./0,::/64
on client : ::/0

Thanks for help

Hey @stanthewizard.

Would you be willing to share your IPV6 config (minus any private details)?  I'm trying to get WG to work for IPV6.  Thanks.
Text only | Text with Images