~fkooman/vpn-documentation

9d22c514a9f893498f2c8bf8688d2e8a6c9adb4d — François Kooman 2 months ago 2912c0c
hopefully fix IPv6 when deploying on VM using RA
1 files changed, 7 insertions(+), 3 deletions(-)

M deploy_fedora_v3.sh
M deploy_fedora_v3.sh => deploy_fedora_v3.sh +7 -3
@@ 14,6 14,10 @@ MACHINE_HOSTNAME=$(hostname -f)
printf "DNS name of the Web Server [%s]: " "${MACHINE_HOSTNAME}"; read -r WEB_FQDN
WEB_FQDN=${WEB_FQDN:-${MACHINE_HOSTNAME}}

# external "Default Gateway" Address 
EXTERNAL_IF=$(ip -4 ro show default | tail -1 | awk {'print $5'})
printf "External Network Interface [%s]: " "${EXTERNAL_IF}"; read -r EXTERNAL_IF

###############################################################################
# SYSTEM
###############################################################################


@@ 121,9 125,9 @@ sed -i "s|fd43::/64|$(vpn-user-portal-suggest-ip -6)|" "/etc/vpn-user-portal/con
cat << EOF > /etc/sysctl.d/70-vpn.conf
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1
# allow RA for IPv6 which is disabled by default when enabling IPv6 forwarding 
# **REMOVE** for static IPv6 configurations!
net.ipv6.conf.all.accept_ra = 2
# **ONLY** needed for IPv6 configuration through auto configuration. Do **NOT**
# use this in production as that requires STATIC IP addressess!
net.ipv6.conf.${EXTERNAL_IF}.accept_ra = 2
EOF

sysctl --system