I set up the OpenVPN server using the Foris interface and I’m trying to connect to it with an external client. When the client connects over IPv4, everything works as expected. When the client tries to connect over IPv4 to any of the routers IPv6 addresses, the connection fails.
I checked the iptables rules and tcpdump and the UDP packets are arriving at the router. Then I checked the “netstat” command and found that openvpn is only listening on the IPv4 interface:
root@turris:~# grep proto /etc/config/openvpn
option proto 'udp'
root@turris:~# netstat -lp | grep openvpn
udp 0 0 0.0.0.0:openvpn 0.0.0.0:* 17303/openvpn
When I change the OpenVPN configuration to use “udp6” as the protocol, it switches to listening only on IPv6:
root@turris:~# grep proto /etc/config/openvpn
option proto 'udp6'
root@turris:~# netstat -lp | grep openvpn
udp 0 0 :::openvpn :::* 5015/openvpn
In this mode, clients that are connecting to IPv6 work fine but clients connecting to IPv4 cannot connect. From the OpenVPN logs, I find:
2017-05-12T18:03:06-04:00 warning openvpn(server_turris)[7368]: Could not determine IPv4/IPv6 protocol. Using AF_INET
2017-05-12T18:03:06-04:00 notice openvpn(server_turris)[7368]: UDPv4 link local (bound): [AF_INET][undef]:1194
2017-05-12T18:03:06-04:00 notice openvpn(server_turris)[7368]: UDPv4 link remote: [AF_UNSPEC]
Any ideas how I can get OpenVPN to be listening on BOTH IPv4 and IPv6 at the same time?