cross-posted from: https://lemmy.world/post/3754933

While experimenting with ProtonVPN’s Wireguard configs, I realized that my real IPv6 address was leaking while IPv4 was correctly going through the tunnel. How do I prevent this from happening?

I’ve already tried adding ::/0 to the AllowedIPs option and IPv6 is listed as disabled in the NetworkManager profile.

  • @nothacking@discuss.tchncs.de
    52 years ago

    The true enterprise solution is to disable IPv6, if you disable IPv4 you might be surprised to see how many sites and services, even those run by large companies require IPv4.

  • dr_robot
    52 years ago

    Wireguard easily supports dual stack configuration on a single interface, but the VPN server must also have IPv6 enabled. I use AirVPN and I get both IPv6 and IPv4 with a single wireguard tunnel. In addition to the ::/0 route you also need a static IPv6 address for the wireguard interface. This address must be provided to you by ProtonVPN.

    If that’s not possible, the only solution is to entirely disable IPv6.

  • auth
    12 years ago

    I just disable ipv6 on my router to simply my firewall and such… Won’t use it until necessary

  • @wmassingham@lemmy.world
    12 years ago

    You can either route IPv6 through the tunnel, or if the tunnel doesn’t support it, you have to block it somehow if you don’t want it going out to the Internet. You can do that by creating a firewall rule to block it on your host or network, or by disabling IPv6 entirely at the host or network level.

    • @Molecular0079@lemmy.worldOPEnglish
      12 years ago

      You can either route IPv6 through the tunnel

      That’s what I am trying to do with the ::/0 option but it doesn’t seem to work. I am guessing because the tunnel itself doesn’t have IPv6?