Community discussions

MikroTik App
  4. RouterOS
  5. General

L2TP/IPSec with IPv6 Connection?

Post Reply
 
User avatar
blackmesawireless
just joined
Topic Author
Posts: 18
Joined: Sat Sep 20, 2014 8:38 pm

L2TP/IPSec with IPv6 Connection?

Sun Jun 18, 2017 1:39 am

We have a VPN that works fine for Windows and Android on IPv4, but I can't seem to get it to work on IPv6.

Initially I had trouble with ph2 packets in the log, but I fixed that by creating an IPv6 specific policy in /ip ipsec policy:
Code: Select all
 2 T   ;;; ipv6
       group=default src-address=::/0 dst-address=::/0 protocol=all proposal=l2tp-proposal template=yes
Here's the /ip ipsec proposal:
Code: Select all
 1    name="l2tp-proposal" auth-algorithms=sha256,sha1,md5 enc-algorithms=aes-256-cbc,aes-128-cbc,3des lifetime=30m pfs-group=modp1024
Here's /interface l2tp-server server
Code: Select all
enabled: yes
max-mtu: 1450
max-mru: 1450
mrru: disabled
authentication: mschap2
keepalive-timeout: 30
max-sessions: unlimited
default-profile: l2tp-profile
use-ipsec: yes
ipsec-secret: hunter2
allow-fast-path: no
Here's the ppp profile:
Code: Select all
 1   name="l2tp-profile" local-address=xxx.xxx.xxx.254 remote-address=internal-pool remote-ipv6-prefix-pool=office-internal-new use-ipv6=yes use-mpls=default use-compression=default use-encryption=default only-one=default change-tcp-mss=yes use-upnp=default
     address-list="" dns-server=xxx.xxx.xxx.xxx on-up="" on-down=""
I don't get any errors in the logs, it just repeatedly tries to initiate the session. Any guidance or configs I can cargo cult are welcome!
Top
 
idlemind
Forum Guru
Forum Guru
Posts: 1146
Joined: Fri Mar 24, 2017 11:15 pm
Location: USA

Re: L2TP/IPSec with IPv6 Connection?

Sun Jun 18, 2017 3:43 am

Same here ... In MIkroTik you are given the option for a remote-ipv6-prefix-pool and use-ipv6 toggle option in the PPP profile. This implies I want to assign an entire /64 to my VPN user. I don't, I want them to get a single address like IPv4 with a "local-address" option for the IPv6 side of that connection.

Just for clarity this doesn't make IPv6 on my Android through VPN work. It simply consumes an IPv6 prefix from my ISP issued pool.

/frustrating, MikroTik, IPv6 is real. I promise you.
Top
 
davidhen
just joined
Posts: 1
Joined: Mon Aug 07, 2017 2:52 pm
Location: Melbourne, Australia

Re: L2TP/IPSec with IPv6 Connection?

Mon Aug 07, 2017 3:00 pm

What VPN service are you using ?
Top
 
buckett
just joined
Posts: 7
Joined: Thu Apr 19, 2012 12:09 am

Re: L2TP/IPSec with IPv6 Connection?

Thu Nov 30, 2017 11:34 am

Did you ever manage to get this working correctly?
Top
Post Reply

Who is online

Users browsing this forum: No registered users and 36 guests
  4. RouterOS
  5. General