9.4 Soft - IPv6 SSL Remote Access - iOS

i tried this today and to my big suprise it worked. I connected via ipv6 from my iphone (9.3) to my utm (9.4) and could reach IPv4 Targets in my home LAN. No problem?

Not sure how yours is working because if I have both IPv4 and IPv6 networks in the configuration for my VPN Pool (SSL) definition and both IPv4 and IPv6 in the set of local networks then only IPv6 traffic is able to be tunneled over the VPN. If I have only an IPv4 network in the VPN Pool (SSL), then I am able to use IPv4 traffic across the tunnel but not IPv6.

hi, sorry i read it wrong (duh reading on smartphone)
my VPN Pool only has IPv4, i guess thats why it is working. VPN is established via IPv6.

should this also work the same way on the openvpn windows client?

Trust me it took 3 days (and escalation to Teir 3) trying to get support to understand the issue, so I can understand the mistake.

As to the question about Windows; in theory, yes it should. I can't say 100% because I haven't tested it myself.

took me over a year so far and IPv6 Prefix Delegation over PPPoE has not really been acknowledged (see other thread) 

frust-rat-ing! ;-) 

ill try windows open vpn tomorrow when i'm at my inlaws house...

I have to correct myself. 

VPN Pool (SSL) has both ipv4 & ipv6

10.242.2.0/24 AND fd32:5a88:8e98:2::/64

ipv4 works from iphone (ios 9.3) over OpenVPN from a IPv6 Network to home sophos.

maybe the problem is when using global IPv6 adresses?

The subnets you have in your VPN Pool (SSL) are the exact same ones I am using.

I just tested with the IPv6 enabled and again I am only able to establish connections via IPv6. So example if I were to go to test-IPv6.com or then it will show my IPv4 from the device or its local network, but show the UTMs IPv6 address.

However this time I tested a few more things today and noticed something new, I can ping/traceroute from devices on my network both over IPv4 and IPv6 to the iPad.

What are you using as local networks? Because in mine I have two, Any IPv4 and Any IPv6.

i put in local networks 192.168.10.0/24 and 192.168.50.0/24

i have a new problem. I can't get a working OpenVPN connection via my windows 10 laptop. I tried both the openvpn and the sophos client and via tcp and tcp6.

this is a new problem. Iphone right next to me (in the same location, same wifi) connects without any problems through IPv6 and i can access my NAS on the other side via IPv4.

Windows Client established Connection, no errors, all route set, no errors on sophos side either. But can't even ping the gateway.

Ah, that's why yours is working. You are only using a split tunnel not a full tunnel. Thus your VPN tunnels are passing the IPv4 routes needed instead of being sent the redirect-gateway configuration, this explains why it was always working for you.

I just updated the original post to indicate that the issue is only with full tunnels (or Tunnel all traffic).

As to the issue with Windows, I'm sorry but I can't help with that.

So the developers are fully aware of this issue now and it has been reported as developer bug NUTM-3439.

The temporary work around until it has been patched in a future up2date is to:

Dev mentioned one workaround that you could try is to configure the Local Networks as follows instead of "Any".

Object1: IPv4: 128.0.0.0/1 IPv6: 8000::/1

Object2: IPv4: 64.0.0.0/2 IPv6: ::/1

Object3: IPv4: 32.0.0.0/3

Object4: IPv4: 16.0.0.0/4

Object5: IPv4: 8.0.0.0/5

Object6: IPv4: 4.0.0.0/6

Object7: IPv4: 2.0.0.0/7

Object8: IPv4: 1.0.0.0/8