Jump to content
Not connected, Your IP: 160.79.109.255
AirVPN
Sign in to follow this  
Followers 0
xmilenium

Title: IPv6 not routing through AirVPN on OpenWrt (WireGuard)

By xmilenium, ... in Troubleshooting and Problems

Recommended Posts

xmilenium    0

xmilenium
Posted ... (edited)

Hi everyone,
 

I'm using AirVPN through WireGuard on my OpenWrt router (latest stable version), but I'm having trouble getting IPv6 to work properly. IPv4 traffic goes through the VPN just fine, but IPv6 traffic does not.

Here are my relevant settings and config:

// network:

config interface 'loopback'
    option device 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'

config globals 'globals'
    option ula_prefix 'fdef:xxxx:xxxx::/48'
    option packet_steering '1'

config device
    option name 'br-lan'
    option type 'bridge'
    list ports 'lan1'
    list ports 'lan2'
    list ports 'lan3'
    list ports 'lan4'

config interface 'lan'
    option device 'br-lan'
    option proto 'static'
    option ipaddr '192.168.1.1'
    option netmask '255.255.255.0'
    option ip6assign '60'

config interface 'wan'
    option device 'wan.10'
    option proto 'dhcp'
    option peerdns '0'
    list dns '1.1.1.2'

config interface 'wan6'
    option device 'wan.10'
    option proto 'dhcpv6'
    option reqaddress 'try'
    option reqprefix 'auto'
    option peerdns '0'
    list dns '2606:4700:4700::1112'

config device
    option type '8021q'
    option ifname 'wan'
    option vid '10'
    option name 'wan.10'

config interface 'vpn'
    option proto 'wireguard'
    option private_key '***REDACTED***'
    list addresses '10.x.x.x/32'
    list addresses 'fdxx:xxxx:xxxx:xxxx::xxxx/128'

config wireguard_vpn 'wgserver'
    option public_key '***REDACTED***'
    option preshared_key '***REDACTED***'
    option endpoint_host 'xxx.xxx.xxx.xxx'
    option endpoint_port '1637'
    option persistent_keepalive '15'
    option route_allowed_ips '1'
    list allowed_ips '0.0.0.0/0'
    list allowed_ips '::/0'

// firewall

config defaults
    option syn_flood '1'
    option input 'REJECT'
    option output 'ACCEPT'
    option forward 'REJECT'

config zone 'lan'
    option name 'lan'
    list network 'lan'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'ACCEPT'

config zone 'wan'
    option name 'wan'
    list network 'wan'
    list network 'wan6'
    list network 'vpn'
    option input 'REJECT'
    option output 'ACCEPT'
    option forward 'REJECT'
    option masq '1'
    option mtu_fix '1'

config forwarding
    option src 'lan'
    option dest 'wan'

# IPv6-related firewall rules omitted for brevity but mostly default ICMPv6 & DHCPv6

 

Despite ::/0 being in the allowed_ips for the WireGuard interface, my IPv6 traffic still seems to go out through the regular WAN or not at all.

Does anyone know what I'm missing or how to properly force all IPv6 traffic through the VPN tunnel like IPv4?
 

Thanks in advance!

Screenshot 2025-04-07 080754.jpg

Edited ... by xmilenium

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  
Followers 0
Go To Topic Listing
×
×
  • Create New...