ipv6, teredo, win7 firewall, correct config?

Looking for assistance with a cryptostorm connection issue? Post here & we'll help out. Also: if you're not sure where to post, do so here & we'll move things around as needed. Also: for quickest support, email our oddly calm & easygoing support reps at support@cryptostorm.is :)

ipv6, teredo, win7 firewall, correct config?

Post by Umbungo » Wed Jul 05, 2017 9:44 pm

OK, a VPN is only as good as the system it's running on.

Leaky software firing out over your ISP IP, or using VPN to access 'real ID' sites like email at gmail etc is all a bad idea.

So running a tight ship when using VPN is smart.

Even ipv6 leaks (specifics of this post) are a worry, as are tunnels, so all connections have just ipv4 settings, with ms networking and ipv6 turned off.

iPv6 is also turned off in the registry, which turns off the tunnel interface (Teredo Tunnel (can't start code 10))

But I'm struggling seemingly more and more to keep the ship tight.

Right now for example I have in my firewall:
DHCP (all profiles)
F&PS 'ping' "
OpenVPN "
Firefox (set to public profile, which the VPN connection is seen as)

Everything works fine with FF set to private and using ISP.

As soon as I log on CS using a batch that just calls ovpn file (tcp balancer), then FF stops being able to resolve any addresses.

The only way I seem to be able to get FF to work is to turn on ipv6 and turn on the Teredo tunnel interface.

I'm sure this very spartan config worked for years and now suddenly I need a Teredo tunnel adapter and ipv6 turned on in registry to get the VPN to play ball?!

Does anyone have a definitive list of *exactly* what Win7 needs to do the most basic internet connection and VPN connection and work, all via ipv4?

Or does CS now require ipv6 somehow?

Or has something changed at the CS end (since my Win7 install and ovpn install are years old), that needs the Teredo interface (but not necessarily ipv6 part?)

While using CS VPN and having potentially an ipv6 tunnel doing stuff I can only worry about the potential that my ISP is snooping all my DNS traffic, or my router is, or god knows what else.

Does CS have a definitive guide on locking down Win7 alongside it's VPN service?

This could all be something I've messed up at my end, but the Teredo/ipV6 thing is what makes/breaks the VPN functionality on two Win7 machines here... hence me wanting clarification on it's function with the CS VPN.