I wanted to let this list know some of my observations with getting IPv6 to
work on my iPhone with Anyconnect and an ocserv server. I noticed some much
older threads on this list but no one got it working as far as I can tell.
I have a personal IPv6 environment where I run ocserv and I hand out iPv6 (and
IPv4) addresses to my VPN clients. With CISCO's anyconnect client on my Windows
system things work fine. It properly sets things up and installs a default IPv6
route.
On my iPhone anyconnect client, it gets an IPv6 address and a default route
(::/0) but no IPv6 packets are routed. While the app states full tunnel mode
for IPv6, nothing happens.
However, when I force a route to the IPv6 unicast space with a split route by
adding a custom header to my ocserv.conf
custom-header = "X-CSTP-Split-Include-IP6: 2000::/3"
things work fine. I had to use the custom header because ocserv doesn't send
routes to non-openconnect clients.
I'm puzzled why the iPhone client and the Windows client behave differently
because they do seem to share quite a lot of code.
Leendert
_______________________________________________
openconnect-devel mailing list
[email protected]
http://lists.infradead.org/mailman/listinfo/openconnect-devel
