Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 16 replies
  • Subscribers 4 subscribers
  • Views 24878 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL Remote Access VPN and IPv6

danodemano

Hello,

I have my UTM 9.404 box setup for the remote access SSL VPN.  This works fine with IPv6 turned off.  However I would like to enable IPv6 (NOT FOR THE VPN) so that I can begin to leverage the expanded IP space for devices in my home.  However as soon as I get it all up and running the VPN breaks - I can connect but nothing routes.  If I switch IPv6 back off then the VPN starts working like it should.  I found this article (and tried the bottom 2 things) but it's still not working.  The first suggestion I am unable to do since both the IPv4 and ipV6 address on my WAN port are from DHCP.  

Just to make it clear I DO NOT care about using IPv6 on the SSL VPN but I don't see any way to disable it there.  Any advice would be appreciated.  I would rather not disable IPv6 globally just to get the VPN to work.

Thanks,

Dan



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to danodemano

    Dan, is it possible that this is an IPv6/DNS issue instead of a conflict between the SSL VPN and IPv6?  Have you tried installing the latest SSL VPN client package?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hi Bob,

    Yes, I am pretty sure it's some type of conflict between the SSL VPN and IPv6.  I've tried both with the latest copy of the Sophos client and with a straight OpenVPN install and get the same results, I cannot even ping via IP through the tunnel with IPv6 enabled.  I did 2 tests tonight with IPv6 on and IPv6 off and the route statements are different, even the IPv4 side:

    With IPv6 enabled on the UTM:

    Without IPv6 enabled on the UTM:

    Thoughts?

    Thanks so much,

    Dan

  • 0 in reply to danodemano

    So I did a little more playing and looking at the routes and it's pretty clear that with IPv6 enabled there are two missing routes (these two only show up on the client machine when IPv6 is disabled on the UTM):

    I have the VPN operating as a full-tunnel, could this be part of the conflict with IPv6 enabled?  

Unfiltered HTML