IPv6 Client Pool (virtual network) per server

Hello! AFAIS the IPv6 client pool is not configurable, but always in the range fd00:… I dumped the MongoDB database and did not find any config options with this string, which led me to the conclusion that the IPv6 client pool virtual network is derived from the IPv4 client pool virtual network.

I also read that with the Premium subscription the “host” can be configured to use a Routed IPv6 Subnet, which, if configured, will be used as client pool.

In our company, we currently have VPN client pools per department. When connected to the VPN, every department has a defined IPv4 range (RFC1918) and a defined IPv6 range (public/global addresses). These networks are used in our firewall to grant access. Currently we use this setup with plain OpenVPN.

I wanted to replace that setup with Pritunl. For every department I configured a “server”, and the IPv4 client range (without NAT). That works fine. I also would like to keep the current IPv6 client ranges for every department. So I would like to configure the IPv6 pool per server, just as I configured the IPv4 pool. Is this somehow possible?

With an enterprise subscription the Routed IPv6 Subnet and Routed WG IPv6 Subnet options are shown in the host settings. This will change the first /64 segment of the client IP addresses to the routed subnet. Additionally, proxy NDP can be enabled if required.

But as far as I understand this is a “host” option. So every server (meaning every department) will have to use the same IPv6 client pool. This is something I want to avoid.

The ip4to6x96 function in pritunl/utils/network.py is used to convert the server IPv4 network into a /96 subnet and convert the user's IPv4 address to an IPv6 address. Each server virtual network will have a unique /96 subnet.

Ah, that’s a nice trick. Not what I was looking for, but I can work with that. Thanks
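The sketch below shows the kind of IPv4-to-/96 mapping described in the reply above, and how a per-server /96 can back per-department firewall rules. It is an example added here, not part of the original thread and not Pritunl's ip4to6x96 code: the bit layout, the base prefix, the department pools and all function names are assumptions.

```python
import ipaddress

# Constructed sample values: the base /48 and the per-department IPv4 pools
# are assumptions for this example, not values from Pritunl.
BASE = ipaddress.IPv6Network("fd00:c0de:1::/48")
DEPARTMENTS = {
    "engineering": ipaddress.IPv4Network("10.10.0.0/24"),
    "finance": ipaddress.IPv4Network("10.20.0.0/24"),
}


def server_v6_net(base, v4net):
    """Assumed layout: base /48 | IPv4 network (32 bits) | prefix length (8) | zero (8)."""
    if base.prefixlen != 48:
        raise ValueError("this illustrative layout expects a /48 base prefix")
    middle = (int(v4net.network_address) << 16) | (v4net.prefixlen << 8)
    return ipaddress.IPv6Network((int(base.network_address) | (middle << 32), 96))


def client_v6(base, v4net, client_v4):
    """Place the client's IPv4 address in the low 32 bits of its server's /96."""
    addr = ipaddress.IPv4Address(client_v4)
    if addr not in v4net:
        raise ValueError(f"{addr} is not in server pool {v4net}")
    net6 = server_v6_net(base, v4net)
    return ipaddress.IPv6Address(int(net6.network_address) | int(addr))


def department_for(v6_source, base=BASE, departments=DEPARTMENTS):
    """Firewall-style lookup: which server's /96 contains this IPv6 source?"""
    src = ipaddress.IPv6Address(v6_source)
    for name, v4net in departments.items():
        if src in server_v6_net(base, v4net):
            return name
    return None  # outside every pool: treat as default deny


if __name__ == "__main__":
    for name, v4net in DEPARTMENTS.items():
        print(name, v4net, "->", server_v6_net(BASE, v4net))
    print(client_v6(BASE, DEPARTMENTS["finance"], "10.20.0.5"))
```

To write firewall rules against a real deployment, read the /96 from the addresses the server actually hands out rather than from this assumed layout.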