@Sunshine thanks for the feedback.

I'll arrange something different then.

exactly my issue.

Is it on a plan to come up with a support for openVPN based on ipv6 adress?

I have AX5400 router..

Thanks,

Jan

  I'm really disappointed with Deco X20... I'm behind a CG-NAT when using ipv4 which blocks to create a vpn server.

I could create my vpn using a public ip ( ipv6 ), but now I'm blocked because the product does not support it.

It's a expensive product, but very limited technically.

We, customers,  need a target date / roadmap to have support VPN under IPV6 

Thanks

Same situation.  ISP doesn't provide public IPv4 (carrier NAT, no port forwarding), but does provide a public (dynamic) IPV6 /64.

I have a ER7212PC router.

OpenVPN supports IPv6 endpoints.  It should be trivial to expose this from the router.  I'd be happy to use the OpenVPN client instead of the TP-Link client.

WireGuard would also be happy to do this - but there's no WireGuard support in this router.

With DDNS over IPv6 - also trivial, either would allow tunneling IPv4 to the site.

We've considered paying for a static address (either IPv4 or an IPv6 > 64; however both are at best months away.  (The ISP is starting to provide service to the aream so these "advanced" services are lower priority than connecting residences...)  Meantime, it's really hard to support this site (I'm a 3 hour drive away from it.)

In any case, please add me to the list of customers who want xxx NEED IPv6 endpoints for OpenVPN...

Thanks.

CG-NAT is a standard nowadays. Shame on TP-Link for having such a weak support of IPv6 protocol in 2024.

SergejKiller wrote

CG-NAT is a standard nowadays. Shame on TP-Link for having such a weak support of IPv6 protocol in 2024.

  @SergejKiller 

Indeed.  Ad we don't need much from tp-link to get underway.

We get a /64 public (but dynamic) IPv6 address from the ISP.  We can handle the DDNS from a PC inside the network, and even with SLAAC, swap the prefix to find the router.  (This isn't rocket science.  The router's MAC won't change, so a PC that accesses a public V6 address can determine the current prefix, paste it onto the router's MAC-derrived EUI64, and presto, we have and endpoint address to put in DNS... The real-life odds of a small operation having an address conflict are essentially zero.)

The bare minimum we need from tp-link is for the router to listen to the IPv6 port (1194) and let the OpenVPN server do its thing for IPv4.  We don't need IPv6 tunnels, just IPv6 as transport for IPv4.  No code change, just the server config file...

OpenVPN knows how to do IPv6, and has for many years.  I don't think I can include the link here, but community open vpn net slash wkii slash IPv6 has the details...Note that the page hasn't been changed in 3 years.  This isn't news.

I'll have to experiment some more when I can get the people on the other end to help.

Of course it would be nice to have native DDNS support in the router, and integration with the GUI (and the tp-link client).  But quick is better than perfect.  CG (and other ISP) NAT is real life - the world did run out of IPv4 address allocations.

This is long overdue.

(And so is wireguard support - which in many ways is a better solution since it tracks changing IP addresses from both ends.)