I created an IKEv2 connection to a VPN service on my Keenetic router. I created a new connection policy and selected the VPN connection as the only conenction for that policy.
When I assign clients to the VPN policy, their IPv4 traffic is correctly routed via the VPN service. However, the IPv6 traffic keeps going through the main ISP, thus leaking my real IPv6 addresses. The only way to stop this is to disable IPv6 on every client when I assign them to the VPN policy, but this is annoying because I frequently move clients to and from the VPN policy.
I guess maybe it's difficult to block the IPv6 traffic because SLAAC is stateless and the Keenetic router doesn't know which device has an IPv6, but maybe it's possibile to track the MAC addresses?
You can post now and register later.
If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.
Question
fl4co
Hello.
I created an IKEv2 connection to a VPN service on my Keenetic router. I created a new connection policy and selected the VPN connection as the only conenction for that policy.
When I assign clients to the VPN policy, their IPv4 traffic is correctly routed via the VPN service. However, the IPv6 traffic keeps going through the main ISP, thus leaking my real IPv6 addresses. The only way to stop this is to disable IPv6 on every client when I assign them to the VPN policy, but this is annoying because I frequently move clients to and from the VPN policy.
I guess maybe it's difficult to block the IPv6 traffic because SLAAC is stateless and the Keenetic router doesn't know which device has an IPv6, but maybe it's possibile to track the MAC addresses?
3 answers to this question
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.