OpenVPN won't connect to my IPv6 address (write UDP: unknown error code=10051)

GoogleUser247-2

7/22/23, 5:55 PM

I have a problem with my VPN. I have recently gotten an IPv6 address and wanted to use that for OpenVPN. I can connect if I use my IPv4 address instead which makes me think I have probably done something wrong or it isn't supported yet.

Below you can find my server.conf and client.ovpn:

server.conf:

  port 1194
  proto udp6
  dev tun-ipv6
  
  local 2a0a:51c0:0000:0227:0000:0000:0000:0002
  ca /path/to/ca.crt
  cert /path/to/server.crt
  key /path/to/server.key
  dh /path/to/dh.pem
  crl-verify /etc/openvpn/server/crl.pem
  
   server 10.132.178.0 255.255.255.0
   server-ipv6 fdbc:291a:f690:3a84::/64
   push "redirect-gateway ipv6 def1"
   push "route-ipv6 ::/0"
   push "route-metric 2000"
   
   push "dhcp-option DNS 2001:1608:10:25::1c04:b12f"
   push "dhcp-option DNS 2001:1608:10:25::9249:d69b"
   duplicate-cn
   cipher AES-256-CBC
   tls-version-min 1.2
   tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
   auth SHA512
   auth-nocache
   keepalive 20 60
persist-key
persist-tun
compress lz4
daemon
askpass /etc/openvpn/server/pass.txt
user nobody
group nobody
client-config-dir /etc/openvpn/ccd
log-append /var/log/openvpn.log
verb 4)

client.ovpn:

client
dev tun-ipv6
proto udp6

remote 2a0a:51c0:0000:0227:0000:0000:0000:0002 1194

ca "path to CA"
cert "path to client cert"
key "path to client key"

cipher AES-256-CBC
auth SHA512
auth-nocache
tls-version-min 1.0
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
remote-cert-tls server

resolv-retry infinite
compress lz4
nobind
persist-key
mute-replay-warnings
verb 4
register-dns

Any help is appreciated!

0 + 0

linux

ipv6

openvpn

Zac67

7/22/23, 6:15 PM

Have you tried `ping`ing or `tracert`ing the server (after permitting ICMP on the firewall)?

GoogleUser247-2

7/22/23, 6:46 PM

I have tried pinging it. The IPv6 address is not pingable (why did I not do this earlier?).

Zac67

7/22/23, 6:55 PM

And `tracert`? Where does it stop?

GoogleUser247-2

7/22/23, 7:01 PM

`tracert` stops at my IPv6 gateway address (request timed out after that).

Zac67

7/22/23, 7:14 PM

*after permitting ICMP on the firewall*

Zoredache

7/23/23, 1:43 AM

Fire up tcpdump/wireshark. Set capture filters for ipv6 udp/1194 and attempt to connect. If you don't see anything, it is likely some firewall or networking issue.

GoogleUser247-2

7/23/23, 6:19 PM

Tcpdump didnt show any incoming packages on UDP port 1194.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: OpenVPN won't connect to my IPv6 address (write UDP: unknown error code=10051)

TH: OpenVPN จะไม่เชื่อมต่อกับที่อยู่ IPv6 ของฉัน (เขียน UDP: รหัสข้อผิดพลาดที่ไม่รู้จัก = 10051)

RO: OpenVPN nu se va conecta la adresa mea IPv6 (scrieți UDP: cod de eroare necunoscut=10051)

RU: OpenVPN не подключается к моему адресу IPv6 (пишет UDP: неизвестный код ошибки = 10051)

VI: OpenVPN sẽ không kết nối với địa chỉ IPv6 của tôi (viết UDP: mã lỗi không xác định=10051)

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.