VPN using WAN6?

Installing and Using OpenWrt
1

Hi,
i'm new to openwrt, i flashed it to an er605v2 tplink router. It seems work very good. I use the router behind a 5G mc889 zte modem, that is configured in ip passtrough.

I would setup a vpn to access my lan from outside.
My mobile ISP give an ipv4 cgnat and an ipv6 /64. It seems not use prefix delegation.
So my idea is configuring a DDNS with ipv6 so that i can reach router, at first step. Then setup a vpn server on openwrt router.

The questions are:

  • can i setup a vpn using wan6?
  • vpn clients need an ipv6 public address to setup a vpn connection this way?
  • can vpn server release an ipv4 lan address even if it use wan6 as interface?

Thanks

2
  1. Yes. Wireguard (for example, it is the usually recommended VPN protocol with OpenWrt) will listen for both incoming v4 and v6 connections by default.
  2. Yes. The client must have access to the v6 Internet to reach your server with v6.
  3. Yes. v4 or v6 can exist inside a Wireguard tunnel regardless of the version used to transport the outer encrypted packets.
3 Likes
3

Do you advice using wireguard or tailscale?

4

I would use wireguard if you can have incoming connections, since it is simpler and you control all parts of it. SD-WANs like Tailscale are useful when both ends are behind NAT but it is a more complicated package and it must involve a third party.

As far as SD-WAN, I've been using Zerotier instead of Tailscale.

2 Likes
5

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.