Posts tagged with “IPv6”

The Internet doesn't like VPNs

Written by Simone

It's been a week or so that I started using Wireguard on my desktop too, browsing the Internet and doing the usual stuff I do, but this time connecting both via IPv4 and IPv6 through my VPS.

Results? I've already been banned (or to better state it, my VPS's IPv4 has) from 3 popular hosts: reddit, imgur and alienwarearena. Reason? I don't really know, looks like everyone doesn't like VPNs.

For the time being I resorted to replace with (even in my SearxNG instance) to be able to browse that shit, which unfortunately is sometimes useful. "imgur" is even more trickier, since I was still able to upload images (and also display them) via their API on Glowing-Bear.. But if I try to curl from my VPS shell I get this:

{"data":{"error":"Imgur is temporarily over capacity. Please try again later."},"success":false,"status":403}

"Over capacity", yeah, but it's a 403, you liar!

So, a few moments ago I set my Wireguard service in Windows to manual start, stopped it and now I'm back with Hurricane Electric IPv6 tunnel - I would like to avoid being banned from the rest of the world, if possible.

Thanks for all the fish.

Wireguard IPv6

Written by Simone

Here's my configuration, working fine with my Android 9 Phone


root@pandora:~# cat /etc/wireguard/wg0.conf
# specify generated private key for server
PrivateKey = <sekret>
# IP address for VPN interface
Address =, fd42:42:42::1/64
MTU = 1420
# UDP port WireGuard server listens
ListenPort = 51820

# possible to set any commands after WireGuard starts/stops
# set routing rules like follows to access to local network via VPN session
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE;
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; ip6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE;

# specify public key for client
PublicKey = <sekret>
# clients' VPN IP addresses you allow to connect
# possible to specify subnet ⇒ []
AllowedIPs =, fd42:42:42::6/128
PersistentKeepalive = 25


root@pandora:~# cat /etc/wireguard/redmi.conf
#Private IP Address
Address = fd42:42:42::6/128,
#Client's Private Key
PrivateKey = <sekret>
#Server's listening port
ListenPort = 51820

#Server's Public Key
PublicKey = <sekret>
AllowedIPs = ::0/0,
#Server's IP:port
Endpoint =


root@pandora:~# sysctl -p
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.eth0.accept_ra = 2

Setting up IPv6 in Windows

Written by Simone

Found this post quite useful to set up Hurricane Electric's IPv6 on a Windows machine and serve the connection over LAN (Windows machine must stay on, obviously)

Legend of variables:
$ipv4a   = tunnel server's IPv4 IP
$ipv4b   = user's IPv4 IP
$ipv6a   = tunnel server's side of point-to-point /64 allocation
$ipv6b   = user's side of point-to-point /64 allocation
$ipv6c   = first address of user's routed /64 allocation
$ipv6d   = user's routed /64 allocation
$adapter = name of local area network connection (where your IPv4 address is configured now)

netsh int teredo set state disabled
netsh int ipv6 add v6v4tunnel IP6Tunnel $ipv4b $ipv4a
netsh int ipv6 add address IP6Tunnel $ipv6b

netsh int ipv6 set interface IP6Tunnel forwarding=enabled
netsh int ipv6 set interface "$adapter" forwarding=enabled advertise=enabled
netsh int ipv6 add address "$adapter" $ipv6c
netsh int ipv6 set route $ipv6d "$adapter" publish=yes
netsh int ipv6 add route ::/0 IP6Tunnel $ipv6c publish=yes

IPv6 Certification by Hurricane Electric

Written by Simone

Not really that hard of a certification, but still.. Here we are 😀